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ABSTRACT 


This thesis develops and solves a tri-level optimization model to plan the optimal 
defense of an infrastructure from intelligent attack. We assume that a “defender” will first 
use limited defensive resources to protect system’s components; then, an intelligent 
adversary (“attacker”) will use limited offensive resources to attack unprotected 
components in order to inflict maximum damage to the system. The defender guides 
system operation with an optimization model, so increased operating cost equates to 
damage. This leads to a tri-level “defender-attacker-defender” model (DAD), where the 
second “defender” means “defender as system operator.” 

The general DAD is NP-hard and requires decomposition to solve. We develop 
four decomposition algorithms: direct, nested, reformulation-based, and reordering- 
based. The reordering-based algorithm computes an optimistic bound by reordering the 
stages of the DAD, and the reformulation-based algorithm uses subproblems that 
resemble standard capacity-interdiction models. Computational tests on generic instances 
of “defending the shortest path” (DSP) show the nested and reformulation-based 
algorithms to be twice faster than the first, on average. 

A hypothetical instance of DSP provides a concrete illustration: A Spanish marine 
unit, in an emergency deployment, must defend its base-to-port route against potential 


terrorist attacks. 
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EXECUTIVE SUMMARY 


This thesis develops and solves tri-level optimization models to solve the problem 
of defending a generic system from intelligent attack. We assume that a “defender” will 
use limited resources to protect system components, and an intelligent adversary 
(“attacker’’) will use limited offensive resources to inflict the maximum possible damage 
on the defended system. The tri-level model becomes a “defender-attacker-defender” 
model (DAD). The defender guides his system operation with an optimization model, so 


damage is measured in terms of increased operations cost. 


We develop a general DAD model that is, apparently, solvable only through 
decomposition. Thus, we devise a decomposition Algorithm 1 for DAD. The master 
problem for this decomposition resembles a master problem for a standard Benders 
decomposition, but the subproblem, instead of being a standard linear program (LP), is a 
mixed-integer linear program (MIP). Algorithm 1 solves this subproblem directly, i.e., 
with LP-based branch-and-bound, while Algorithm 1A _ solves it by Benders 


decomposition. Thus, Algorithm 1A may be viewed as a nested decomposition algorithm. 


Algorithm 1A proves to be almost twice as fast as Algorithm 1 (1.87 times faster, 
on average) on test problems that involve “defending the shortest path” (DSP). DSP 
represents a situation in which the defender-operator needs to solve a minimization 
problem to operate the system optimally (e.g., transiting from station A to station B in the 
quickest time); the attacker seeks to maximize the defender’s shortest path by interdicting 
some components of the system (e.g., cutting down some segments that lie in the A-B 
path); and the defender has to minimize the largest traversal distance after the attacker’s 


best attack. 


A capacity-interdiction formulation provides an alternative modeling approach to 
the same DAD model. This formulation is somewhat more complex than the formulation 
of the standard decomposition for DAD, and is also more difficult to implement. 
However, it proves to be almost as fast as nested decomposition (Algorithm 1A) for the 


test cases based on DSP. 


XV 


Interchanging the order of the first two levels of optimization in the model, that is, 
converting “min-max-min” into “min-min-max,” can provide an optimistic lower bound 
on the optimal objective-function value. We give the advantage to the defender who gets 
to see the attacker’s plan before defending the system and operate it. The quality of the 
bound provided by ADD may be poor, but it can be improved by giving extra resource to 


the attacker, creating ““ ADD*.” 


When the defender-operator solves a shortest-path problem, and the restrictions 
on the resources are given by simple knapsack constraints, ADD (and ADD”) can be 
solved as a special network-interdiction problem called “maximizing the shortest path” 
(MXSP). In MXSP, the original system is expanded in levels, as many as the number of 
units of defensive resource, and each jump between levels corresponds to a defensive 


action taken by the defender. 


A practical example based on DSP illustrates the effectiveness of the models and 
algorithms developed in this thesis. A small, Spanish infantry unit must traverse from the 
Marine Corps’ headquarters to a nearby naval base for immediate deployment, using the 
road network in Cadiz Bay, Spain. A terrorist group can interdict up to six road segments, 
and the Marine Command can defend against these attacks by protecting 10 segments, by 
means of armed patrols. The road network built to represent this example contains 
approximately 200 nodes and 630 arcs. The solution provides the armed patrols optimal 
allotment and the time that would take the infantry unit to get to the naval base in the 


worst case scenario. 


XVI 


i INTRODUCTION 


This thesis addresses the problem of defending a critical infrastructure (or system) 
from intelligent attack by developing and applying tri-level optimization models. We 
assume the system’s operator, called “defender,” will use limited resources to protect 
(defend) system components. Subsequently, an intelligent adversary will use limited 
offensive resources to inflict maximum damage to the defended system. The defender 
guides system operation with a minimizing optimization model, so increased operating 
costs equate to damage. This leads to a tri-level “defender-attacker-defender” model 
(DAD), where the second “defender” means “defender as system operator.” We explore, 


propose and implement different tri-level models to solve DAD. 


This chapter defines and gives examples of critical infrastructure. It specifies a 
model of behavior for the defender, attacker, and their interactions, and it introduces a 


general framework under which these tri-level models will be developed. 


A. CRITICAL INFRASTRUCTURE 


Especially after 2001, governments have devoted much time and effort to identify 
critical infrastructure (CI) and to assess the impact on their nation’s wealth that 
disruptions to that CI might have. The USA Patriot Act (U.S. Senate and House of 
Representatives 2001) defines Cls as: 

.. systems and assets, whether physical or virtual, so vital to the United 

States that the incapacity or destruction of such systems and assets would 


have a debilitating impact on security, national economic security, 
national public health or safety, or any combination of those matters. 


The National Strategy document for Homeland Security (Department of Homeland 
Security 2002) identifies thirteen sectors in which most of CI systems may be framed, 
including agriculture, food, water, public health, energy, transportation, information, and 


telecommunications. 


The Department of Homeland Security (DHS) is responsible for keeping the 
national infrastructure inventory updated with basic information about the systems, 


including: the elements involved, either human, physical or cyber; services provided; 


1 


dependencies; and interdependencies. (The U.S. Office of the Inspector General stated 
that, as of January 2006, the National Infrastructure Database already contained up to 
77,069 assets ranging from gas stations and retail outlets to nuclear plants and water 


distribution systems; see Inspector General 2006.) 


Listing the systems is only the first step. A comprehensive vulnerability analysis 
is important to enable authorities to evaluate the effects of potential attacks and to invest 
to protect or harden system components. This is being accomplished by setting a common 
methodology for risk assessment, the Risk Management Framework, provided by the 
National Infrastructure Protection Plan (“NIPP”; see Department of Homeland Security 


2002). 


Many of these systems were built to be cost-effective, which implies they often 
provide only a minimum level of redundancy to satisfy demand or other requirements. 
They may reasonably well handle disruptions caused by random degradation of physical 
components, accidents due to mechanical or human failure, and acts of nature. However, 
these CIs may not show robustness against an intelligent attack that destroys critical 
components. For example, three bridges crossing a river in a populated city may handle 
the traffic between both sides even when one of them is closed due to a major accident. 
However when all three are intentionally put out of service, the crossing traffic ceases 
completely. Traditional vulnerability analysis needs the perspective of the terrorist threat 
to capture the behavior and response of a particular system under a new set of 


circumstances. 


The standardized method for vulnerability assessment (Department of Homeland 
Security 2006) starts by analyzing a CI in terms of numerical measures of threat (0), 
consequence (c), and vulnerability (v) for individual system components. Threat reflects 
the likelihood that a component will suffer a terrorist attack. Consequence reflects the 
reduction in the system’s performance given a successful attack on a component (the 
greater the reduction in performance, the greater is the consequence). Vulnerability 
reflects the likelihood that, if an attack occurs, the component will be partially damaged, 


incapacitated, or destroyed. 


Every component i of a particular CI system is evaluated and given numerical 


values ¢,, c, and v,, representing threat, consequence and vulnerability, respectively. 
Then, a measure of risk (r) is estimated for a particular system. In general r = f (t,c,v) ‘ 


but typically, r=txcxv. Components are then prioritized with respect to the estimated 
risk and this ordered list eventually provides the decision-maker with a picture to help 
him decide which components should be given priority for protection, where to allocate 
resources, what protective programs should be instituted, and what the appropriate level 


of investment in programs should be. 


The protective programs may seek to prevent any potential attack by taking 
specific actions on the elements of the system subject to protection (e.g., building 
stronger fences along the perimeter of key installations, increasing the number of 
armored patrols on any given border segment), or to reduce its effects (e.g., by training 
emergency-response teams). However, this thesis primarily focuses on physically 


protecting CI components from attack. 


The analysis of those protective actions and their impact on the risk mitigation, 
eventually guides the investments used in a particular program. Sometimes no analysis is 
available, and the program manager implements defensive measures by just following the 


guidelines of a written manual (FEMA 2007). 


How should a limited defensive budget be spent to protect a single CI system as 
well as possible? The current methods utilized to guide investments into protective 
programs are based on priorities on individual components, but ignores component 
interactions. We propose the modeling and solution of an optimal defensive plan obtained 


from the solution of a tri-level optimization model. 


We are interested in many different systems, but these are often modeled as 
networks, where some commodity (e.g., electricity, water) must be moved from one or 
more points to one or more other points, while following the topology of the underlying 
network and laws of physics. For example, consider the U.S. Strategic Petroleum Reserve 


(Department of Energy 2007): This system can be represented as a network in which 


storage sites represent source nodes; pumping stations represent transit nodes; refineries 
and shipping ports represent sink nodes; and pipelines correspond to arcs that connect the 


various nodes. 


We assume that the operator of the infrastructure, (henceforth called the defender- 
operator), operates his system following guidance from an optimization model 
(“Defender Model,” or “D’’), specifically by solving a linear program (LP). For example, 
the SPR management office, as the defender-operator, operates the system during an oil 
emergency, and possibly after an attack on the system, to ensure that enough oil flows 


from storage sites to meet demands. 


Before defending the system, the protecting agency (henceforth called defender) 
needs to know how the terrorist organization (henceforth called the attacker) is going to 
attack it. We assume that the attacker, according to his resources, seeks to maximally 
disrupt a system’s operations by interdicting certain components. Thus, the attacker 
solves a bi-level optimization model, Attacker-Defender (AD), where “D” denotes the 
defender-operator’s optimization model mentioned above, solved at the inner level (See 
Brown, Carlyle, Salmeron and Wood 2005). There is no uncertainty about the attacker’s 
resources, or what the effect of attacks might be. This is important because deterministic 
interdiction problems, as presented in this paper, rely on accurate information. Otherwise, 
we would be dealing with a stochastic interdiction problem (Cormican, Morton and 


Wood 1998), which is beyond the scope of this thesis. 


As opposed to Cournot models (Cournot 1838), where both opponents move 
simultaneously, we model the opponents’ interactions following the rules of a 
Stackelberg game (Stackelberg 1952). The leader (attacker) plays first by interdicting the 
system in an optimal way, and then, the follower (defender) observes the actions taken by 
the leader and makes his best choice. In most of the economic models played by the 
Stackelberg rules, any non-optimal solution adopted by the follower that deviates from 
equilibrium may hurt not only himself, but also, the leader. However, this is not the case 


here: If the attacker makes a non-optimal move, the results cannot cause worse damage 


than foreseen by the solution of the bi-level model. Also, the defender-operator has the 
option to improve his cost by choosing another course of action which takes advantage of 


the attacker’s neglect. 


One of the key assumptions of these games is perfect information. Decisions 
taken by one player are based on complete knowledge of the actions that will be taken by 
the other. Furthermore, we assume that the attacker has perfect information about the 
system. This means that no components of the system are hidden to the attacker and, 
essentially, both players deal with the same problem. This leads to sensibly conservative 
damage assessments for the defender: The attacker can cause no more disruption to the 


system than the worst case identified by the solution of AD. 


The solution of AD provides valuable information to the defender-operator. First, 
it points out critical components of the system. Second, it lays the groundwork for the 
next embellishment of the Stackelberg game, the addition of a level of active defense: 
Using a tri-level model, the defender seeks to minimize the maximum damage an attacker 


can inflict to the system when it is operated optimally. 


The defender therefore, needs to solve a Defender-Attacker-Defender model DAD 
(See Brown, Carlyle, Salmeron and Wood 2005). Observe that, in order to differentiate 
the two roles that the defender plays in this model, a distinction has been made between 
defender and defender-operator. The former defends the system, while the latter operates 


it optimally. 


Brown, Carlyle, Salmeron and Wood (2005) describe new bi-level models to 
solve the problem of defending CI, applying these models to electrical power grids, 
subways, airports and other systems. These authors also introduce the idea of embedding 
a given AD model in a tri-level DAD and state that this type of problem solves only with 


“extreme difficulty.” 


Brown, Carlyle, Salmeron and Wood (2006) formulate and solve an electrical- 
grid protection problem with a tri-level DAD model. However, as opposed to AD 


problems, full-scale tri-level problems cannot be solved yet. 


This thesis proposes a general framework for DAD models represented as tri-level 
mixed-integer linear programs (TLMIPs), proposes several solution methods for such 
models, and investigates the computational behavior of these methods. Medium-size 


problems are implemented and solved by these models. 


In general, the inner optimization problem of any TLMIP developed in this thesis 
is an LP for the defender’s system-operation model, and resource constraints on system 


defense and attack will be fairly simple, such as knapsack constraints. 


B. THESIS OUTLINE 


Chapter II proposes and develops a general tri-level DAD model, and a capacity- 
interdiction DAD, which reformulates the basic DAD probing other solving 


methodologies. 


Chapter HI formulates an ADD model (Attacker-Defender-Defender model), 
where the two outer optimization layers, i.e., “DA,” have been interchanged for the 
ultimate purpose of bounding, and eventually solving, DAD. Interchanging the order of 
these two levels gives the advantage to the defender, so ADD yields a lower bound for a 
min-max-min DAD. A method is also described to add resource for the attacker in order 
to tighten the bound. Provided this bound is tight enough and easy to obtain, ADD can be 
incorporated in the DAD decomposition method to accelerate the convergence of the 


algorithm. 


Chapter IV presents different solution algorithms for these models and the 


implementation for the “Defending the Shortest-Path” problem (DSP). 


Chapter V presents computational results from testing hypothetical network 


examples of different size and shape against the aforementioned algorithms. 


Finally, Chapter VI illustrates a deployment protection problem of a Spanish 
Marine Corp Special Operation Forces (SOF) unit. This exercise requires the solution of 
DSP, using a tri-level DAD model, for a small Infantry entity who must traverse from its 


home base in San Fernando to the Naval Base in Rota for emergency deployment. 


I. FORMULATIONS FOR THE TRI-LEVEL “DAD” MODEL 


This chapter describes a general DAD model as a tri-level mixed-integer program 
(TLMIP). Direct solutions will typically be impossible, so we provide several indirect 


solution approaches. 


We simplify model notation using the following conventions: 


. Models and model instances are represented by acronyms in uppercase 
letters, 
. A superscript indicates the type of inner optimization problem (e.g., “LP” 


for linear program or “dLP” for a dual linear program), 


. Lowercase letters then identify the sense of each level’s optimization, 
specifically, “m” for minimization and “x” for maximization. 


oe 9 66.99 


° A “hat” over “m’” or “x” indicates that the decision variables for that stage 


are fixed.. 


For example, DAD“ mxm stands for a tri-level defender-attacker-defender model 
with a min-max-min optimization structure, and with a linear program representing the 
defender-operator’s optimization problem. And, DAD“’mxm is really just a bi-level 
attacker-defender model because the defender’s variables are fixed. (Appendix I contains 


the complete description of the notation used throughout this thesis.) 
A. A GENERAL DEFENDER-ATTACKER-DEFENDER MODEL 


1. Definitions and Model Assumptions 


We state the inner “D problem” as 


[EXD] min f(y) 


yeY (x) 


At this inner level of DAD, the defender-operator operates his system as best as 
possible by setting decision variables y to minimize operating cost, including penalties 
for unsatisfied constraints. This minimization can also represent other objectives such as 


maximizing operating profit or system output, minimizing unserved demand, and so 
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forth. The set Y(x) represents operating constraints, e.g., flow-balance constraints in a 
pipeline model, as affected by a vector of attacks x that restricts that operation. 


In fact, the attacker seeks maximize the defender-operator’s cost of operating the 


damaged system, so the “AD model” is 


[KAD] max min f(y). 


xeX(w) yeY(x) 


where X(w) represents feasible attack plans after the defender implements a defensive 


plan w. If component k is defended and made invulnerable, the assumption of 
transparency of information implies that component k will not be attacked. Of course, 
X(w) will also include at least one resource constraint that limits the extent of possible 


attacks. 


In the outer level of DAD, the defender uses his limited defensive resources to 
protect his system from attack. At this level, the defender’s goal is to minimize the 
maximum damage that the attacker can inflict, where damage is measured in terms of the 


optimal solution to the defender-operator’s inner model. 


The three stages that this tri-level DAD model comprises are summarized as 


follows: 


DAD min max min 
[ ] weW xeX(w) yeY(x) f(y) 


The vector w represents the defensive actions taken by the defender to protect 


certain components of the system, and W represents the feasible region for the defender. 


[DAD] posits that the defender wants to minimize the damage the attacker can 


cause. This will be accomplished by protecting some system components and, thereby, 


certain activities. For simplicity, we assume 


1. Binary defensive actions: w,=1 if the k” component has been 
protected, and w, =0 otherwise. The set W incorporates these binary 


restrictions as well as the defensive resource constraints. 


2. Binary attacks: x,=1 if the k” component k is attacked, and 
x, =0 otherwise. The set X incorporates these binary restrictions as 


well as the attacker’s resource constraints. 


3. Continuous activities: y, represents the level of activity, set by the 


defender-operator, for component k. We assume that 0<y<u and let 


U =diag(u). 


4. A “defense” completely armors a component. That is, w, =1 implies that 
component k is invulnerable to attack. Although x, =1 may be possible 
when w, =1, the attacker gains nothing from the corresponding attack. 
Since the attacker does not have so much resource that he can waste 


attacks on defended components, along with the assumption of perfect 


information, we may assume that w, =1 also implies x, =0 . 


5. One-to-one relationships are assumed between system components, 
attacks, and activities: A single attack stops exactly a single activity and 


an activity is stopped by no more or less than one attack. 
The DAD model now becomes: 


pany] a a 
x<l-w_ y<U(1-x) 


This model allows numerous generalizations such as “uninterdictable” activities and 
interdictions that affect more than one activity, although these generalizations will not be 


pursued in this thesis. 
We also assume: 


6. The property of relatively complete recourse prevails for DAD with 
respect to w and x. (This property derives from the stochastic- 
programming literature; see Birge and Louveaux 1997, pp. 92-93). In 


particular, for any defensive plan weW, the — set 


X(w) ={xe X |x<1-—w!+#©; and for any attack plan xe X(w), the 
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set Y(x)= {y eY|y<vu(l —x)} #©. This means that, in all stages, the 


following player has a feasible response to the immediately preceding 


leader’s play. 


Proposition 1: For sufficiently large values of d,, [DADO] may be reformulated as 


[DAD1] min max min f(y)+(x’ —w’ )* Dy, 
weW xeX yeY 


where d=(d,d,...d.,,), D=diag(d), and the term (x" -w") stands for the vector 
maximum of 0 and (x’ —w’) §J 


The proof is trivial. Actually, [DAD1] can also be used when interdiction of an 
activity does not force that activity’s level to 0. For instance, suppose (a) the relevant CI 
system is the road network of a particular region; (b) the defender-operator wants to go 
from base A to airport B using a shortest path; (c) the attacker seeks to interdict road 
segments by means of bombardment (terrestrial, aerial, or via improvised explosive 
devices) to maximize the defender’s shortest (quickest) A-B path; and (d) the defender 
can protect certain segments from attack with extra patrols or anti-aircraft weapons. In 
this case, an interdicted road segment might simply have a delay d, added to its nominal 
traversal time c,, and it may be worth the defender-operator’s effort to incur this delay. 
We also note that the ‘“+” operator here can be easily replaced by linear constructs and 


does not add any difficulty to the model’s solution. 


2; The Defender-Attacker-Defender Model [DAD” mxm] 


When the inner minimization of [DADI] is a linear program, the defender must 


solve this is problem: 


[DAD mxm] min max min(e” +(x" —w y D)y (1) 


weW xeX y20 


s.t. A*y=b° [z:dual vars. for fixed x and w], (2) 
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where the vector ec denotes the activity costs and the constraints A”y = b’ correspond to 
general system-operation constraints. Note that, hereafter, dual variables for linear- 
programming restrictions of MIPs—for instance, m in [DAD“’mxm]—will be denoted in 


square brackets next to the relevant constraints, but without the explanation as in (2). 


Chapter IV proposes some solution procedures for [DAD“’mxm]. However, some 
preliminary thoughts about how we might approach the problem will help up us to 
develop further models and solution procedures. The first attempt to solve this model 
might be to transform [DAD”’mxm] into [DAD“’mxx]. This is done by linearizing the 
expression in the objective function including the necessary constraints in the matrix A”, 
temporarily fixing wandx, taking the dual of the inner minimization problem, and 
releasing both variables after rearranging the terms. A bi-level mixed-integer linear 


program (BLMIP) results: 


[DAD“’mxx] min max (b’)' 2 (3) 


wew X,7 
s.t. (A’)'m<e+D(x-w) (4) 
m free, xe X (5) 


Given the last formulation, we would like again to take the dual of the inner 


maximization problem and solve a minimizing MIP problem by choice of x,y,w. 
However, this is impossible because that inner maximization is not an LP. Therefore, we 
need an alternative approach. 

We need bounds to enclose the objective function from above and below. 
Furthermore, when sequentially calculated in an iterative algorithm, these bounds must 


converge to the optimal value z’. 


Since the outer layer of the tri-level problem is a minimization, fixing the defense 


plan to w=W, and solving the resulting problem, [DAD mxm], leads to the upper 


bound Z(W)>z . By taking the dual of the inner minimization in [DAD’’mxm], we see 


that it suffices to solve this MIP: 
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[DAD“’mxx] Z(Ww)=max (b’)' 2 (6) 


s.t.(A*)’a<e+ D(x-wW) (7) 
nm free, xeX (8) 
This MIP can be solved either directly or by using a decomposition algorithm. A 


solution (x, it) represents a tentative attack plan x by the attacker and the resultant best 
dual response to that attack plan by the defender-operator. (Observe that the defender- 
operator’s operating plan is obtained by solving the primal [DAD mim] given both 
W and x.) 

Now, suppose that, for a given defensive plan w, we have enumerated all 
possible attack plans X and corresponding extreme-point dual responses a by the 
defender-operator. Let (x,7) € XII denote this enumerated set, and let XII denote any 


nonempty subset of XII. A master problem for the tri-level problem is defined as: 


[MPmxx] Z= min z 
ZW 


(9) 


ALA 


st. 722>(b’)'a-%' Dw V (&, 7) € XII 
wew (10) 

Observe that, whenever x, =1, the term —d,w, defines an upper bound on how much the 
defender would save if he had protected activity k. 

Since the solution of the subproblem (equations (6)-(8)) certainly occurs at 
(X, 7) e XT], it follows that [MPmxx] is equivalent to [DAD“’mxx] when XTl=XT1l. 
When XII Cc XT, we call [MPmx%] the relaxed master problem. Indeed, it defines a 
relaxation of [DAD“’mxx], and 2 gives a lower bound on the optimal objective to 
[DAD]. Of course, we hope to obtain a solution by generating only a small subset 
XII, with each (%&m)eX II being generated in an iteration of a decomposition 


algorithm. The complete procedure is shown in Section IV.A. 
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B. A CAPACITY-INTERDICTION FORMULATION 


daLP 


One of the difficulties encountered in the formulation of [DAD*” mxx] is the 


apparent impossibility of transforming it into a simple minimization problem. Other ways 
to formulate and to solve the problem must be explored. This capacity-interdiction (CN) 


model, which assumes that the level of an interdicted activity must be 0, will prove 


useful: 
[DAD”’mxm-CN1] | min max min e’y (11) 
weW xeX  y20 
s.t. A’y=b” [a] (12) 
y<U(1-x+w)  [B] (13) 
y<u [0] (14) 


Essentially, this model is simply a reformulation of [DADO] when the inner 


minimization is an LP. 


Again, we may convert this problem into a bi-level nonlinear MIP (BLMINLP) 
by temporarily fixing x, and taking the dual of the inner minimization problem. After 


rearranging terms and releasing x, we obtain: 


[DAD“* mxx-CN1] — min max max (b’)'a+(1—x+w)'U'B+u'0 (15) 


weW xex 48,0 
st. (A*)'at+i/p+l0<c (16) 
a free, B<0, 0<0 (17) 
This BLMINLP can be solved, at least in theory, by decomposition methods. 
(Note that a “max-max” is just a “max,” so, in essence, the problem has been converted 
into a min-max defender-attacker model with a mixed-integer optimization model being 


solved by the attacker). 


The next step to improve the model is to allow the defender-operator to make use 


of activities that have been interdicted (the penalties d, are no longer sufficiently large to 


prevent that from happening). In order to do that, we need to slightly change the model to 
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[DAD mxm-CN2] | min max min e’y+(e+d)' y’ (18) 


weW xeXx y,y'>0 


st. A’y+A’y’=b’ [a] (19) 
y <U(1-x+w) [B] (20) 
yt+y <u [0]. (21) 


Essentially, we are expanding the infrastructure by doubling the existing 
activities. By choosing y, instead of y,, the defender makes use of the Kk" activity, which 
has been interdicted, and he must, therefore, pay a penalty. Observe that the variable y, 


is not subject to the second set of constraints because it represents a fictitious activity that 
is neither interdicted nor defended and, by construction, it will only be used when the 


associated activity is interdicted. 
Taking the dual of the inner min problem yields the following formulation: 


[DAD“’ mxx-CN2] | minmax max (b’)’a+(1—x+w)’U'’B+u’@ (22) 


weW xeX a,f,0 


st. (A’)'at+i/p+l0<c (23) 
(A’)'a+l0<c+d (24) 
a free, B<0, 0<0 (25) 


Chapter IV presents some methods to solve these models ([DAD” ]and 


[DAD“” -CN]) and their implementation for a specific problem: “Defending the Shortest 
Path” (DSP). 
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ll. AN ATTACKER-DEFENDER-DEFENDER MODEL FOR 
BOUNDING “DAD” 


This chapter formulates a tri-level model whose optimal objective value yields an 
optimistic bound for DAD. The bounding model reorders the stages in DAD to create an 
ADD model. This rearrangement simplifies the model, at least in theory, because the 
inner two minimization levels can now be collapsed into one. By means of “solution- 
elimination constraints,” the bound yielded can be brought closer to the optimal DAD 
objective-function value to meet the stopping criterion of the decomposition method. 


Solution methods are proposed in Chapter IV. 


A. MODEL FORMULATION 


Let us consider [DAD mxm]. Suppose that we interchange the first two levels by 
replacing min-max with max-min: The new model is [ADD“’xmm]. Because the 
defender gets to observe the attacker’s plan before making his own defensive decisions, 
which can nullify the effects of some individual attacks, we are giving the defender 
advantage. The optimal objective of such a model will yield a lower bound on the optimal 
objective value for [DAD’’mxm]. This may be helpful for solving certain versions of this 
problem. The attacker-defender-defender model (ADD) may be formulated as follows: 

[ADD” xmm] re a me (e" +(x’ —w' D)y (26) 

xeX weW y> 
s.t. A*’y=b’ [7] (27) 

Alternatively, its compact form is: 

[ADD”’xm] max min (e" + (x" —w' ) D)y (28) 

xeX weW, y20 
s.t. A’y=b° [7] (29) 

As we have seen before, the inner minimization problem has a nonlinear objective 

function, and we cannot take its dual and obtain a linear, mixed-integer maximization 


problem. Thus, we may also want to use a capacity-interdiction model reformulation. 
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If we assume that the penalties d, are much greater than the cost of the activities, 


and that w, =0 and x, =1 imply that y, =0, we can rewrite [ADD™ xmm] as: 


[ADD”’ xmm-CN1]_— max min cy (30) 
xeX weW,y20 

s.t. Ay=b [a] (31) 

y <U(1-x+w) [B] (32) 

y<u [8] (33) 


Constraints (32) establish an upper bound on activities depending upon 
interdiction and defense. Constraints (33) represent capacity limitations for every 
component (an example is maximum flow across a pipe segment of a water system). Note 
that we invoke the property of “relatively complete recourse” here to ensure that the 


model is feasible for any feasible attack plan x. 


If we do not make the assumption that the penalties d, are large enough to 


preclude the utilization of interdicted activities, we may enhance the model as follows: 


[ADD xmm-CN2] max _ e’y+(c+d)'y’ (34) 
xe weW,y.y’ 

s.t. Ayt+A’y'=b° [a] (35) 

y <U(1-x+w) [B] (36) 

yty <u [8] (37) 

y>0,y'>0 (38) 


Recall that by selecting y; instead of y,, the defender agrees to use the k” activity 
with the added penalty. 


In Chapter IV, we develop some methods to solve these models. 


B. STRONGER BOUNDS: STRENGTHENING “ADD” 


Although the solution to ADD gives a lower bound for DAD, the bound may be 
poor. Assume, for instance, that DAD has simple cardinality constraints for attacker and 


defender resources and the right-hand sides of those constraints are the same. In this case, 


the solution (W,¥) obtained from [ADD imm] for any fixed interdiction plan X, will 
» y p 
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nullify all the attacks implied by x. Thus, the bound is the obviously weak bound 
provided by the solution to the defender-operator’s problem assuming no interdictions at 


all. We can do better. 

Consider the directed network depicted in Figure 1 where the defender-operator’s 
objective is to find the shortest path from s to t. The nominal length of each arc (i, j) is 
c,;, and the potential delay that the attacker can inflict is d, ,. The attacker will attack 


two arcs and the defender will defend one. The optimal objective value for DAD is 3, but 


the lower bound coming from ADD is 2 (Figure b). If we give three units of resource to 


the attacker, the optimal objective value for the new problem, denoted by “ ADD" ,” is 3 
(Figure c) and, therefore, it provides a valid and stronger lower bound on the optimal 


objective-function value z*. 


G)einaii-~G) 
ao “aoy* “@”* 
a) b) c) 


Figure 1. | Network to illustrate the tightening and validity of the ADD* 
lower bound. Figure a) is the original network; figure b) depicts the 
solution to ADD and figure c) depicts the solution to ADD”. 


Thus, to tighten the lower bound from ADD, we may try to give the attacker extra 
resource. However, if we give him too much, the resulting bound may be not valid. So, 


how much extra resource can we give to the attacker and still be sure of a valid bound? 
As in the example, assume that limits on resources for the attacker and the 


defender are given by simple knapsack constraints, i.e., x ¢ X ={xe {0,1} la'x <p'| 


and weW= {w e {0,1}" |a"w< b” , respectively. Now, create an instance of ADD* by 
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giving the attacker 620 extra units of resource, i.e., replace xe X in ADD with 
xe X(d)= {x e {0,1}" |a’x <b" + 5| . The model is formulated as follows: 


[ADD***xmm(6)] max min min (e" + (x" —w ) D)y 


xeX(d) weW y20 
s.t. A°*’y=b’ [7] 


where 6 would be the least interdiction resource which would make the defender use a 


maximal defensive resource to counter it. A valid value for 6 still needs to be found. 


Theorem 1: Let z be the optimal objective value of [DAD“’mxm], let z'() be the 
optimal objective value for [ADD*’ xmm(6)], and define 


W=Wo {w is maximal for a” w < br If 
6 <min a’w, (39) 
weW 


* 


then z (6) SZ 5 


Proof: Let us write [DAD“’mxm] with knapsack constraints for the defender and 


attacker, and a general linear program for the defender-operator in this simplified form of 


equation (1): 


z =min max f (x,w) (40) 
weW  xeX 


where f(x,w) = min (e" +(x" —w I D)y ; 
yeY 
Now suppose that the attacker has 6 extra units of attack resource, with 6 
satisfying (39), but must waste that resource on defended activities. This will have no 
effect in the objective-function value because it is always feasible for the defender to 
neutralize the “extra” attacks. Therefore, 


z= min max f(x,w) (41) 
weW xeX(0) 


18 


s.t. > atx, 20 (42) 
k 


Since the attacker must act first, interchanging the max and min benefits the 


defender. Thus, 


z > max min f (xw) (43) 
xeX (6d) weW 
s.t. Vax, 26 (44) 
k 
= max min f(x,w) (45) 
xeX(50) weW 


z (6) by definition. 


Equality holds in (45) because (a) we may assume the defender, who now plays 
second, will “post-defend” only interdicted activities and, thus, the left-hand side of (44) 
will always be positive; and (b) constraint (39) ensures that that positive left-hand side is 


always at least 6. 


It may be the case that, even if 5 does not satisfy (39), z (0) is still a valid lower 
bound on z’. For example, in the simple DAD problem described in Figure 1, 5 =1 is 
the maximum value that is guaranteed to be valid by Theorem 1. However, for 6 =2, 
z (6) =3 is still a valid lower bound (in this case, z'(5) =z ). However, “cheating” in 


this way may not always be possible. 


The solution of ADD* must be a feasible solution in DAD to be of any value. 
Therefore, the defender’s actions must not only be feasible with respect to the initial 
constraints W , but also need to nullify some of the attacks. The remaining ones either 
represent a feasible solution for the attacker in the original DAD, or they do not have an 
impact the objective-function value. Consequently, the defensive constraints in ADD* 


are given by W. 


To summarize the last two paragraphs more precisely, the solution of ADD” will 
give a lower bound for DAD provided that, in DAD, the optimal objective value is non- 


increasing for increasing x (in A), and non-decreasing for increasing w (in D). That is, 
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extra attacks (6) do not consume extra defensive resource because they do not affect the 
objective-function value. Neither do extra defenses added to the problem, because the 


best operating plan has already been protected and at least b* attacks have been left 


uncovered. In this sense, the proof requires that w be “maximal” with respect to 


constraints W . 


For the special case where both the attacker and defender have cardinality 


constraints in their respective resources, we can think of the following game sequence in 


ADD’: 
e The attacker interdicts b* +b” activities; 


e The defender nullifies b” of those attacks and brings back the associated 


activities to their original costs; and 


e Finally, the defender-operator again finds the optimal operational plan for 


the system given the increased costs for non-nullified attacks. 


* 


ADD* 


Ideally, ADD” is solved in hopes that the solution yielded (w,.,) is close 


enough to the DAD objective-function value to meet optimality criterion. Thus, the 


optimality conditions need to be tested in the DAD subproblem formulated in equations 


* 


ADD* 


* 


ADD* 


(6)-(8) having w as an input (Ww pap <W ) _ If the upper bound of [DAD“” mixx 


reveals a non-optimal gap, that is, Z,4) —Zapp > €» then ADD* has to be recalculated 
with an added solution-elimination constraint w # W, ,. . Hopefully, the convergence of 
this algorithm to get an ¢-optimal solution for DAD is faster than the decomposition 


method for DAD itself. 


The next chapter provides some statistics about the bound’s quality that this 


ADD‘ model yields. 
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IV. SOLUTION METHODOLOGIES 


Thus far, we have presented variations on DAD and models for bounding DAD. 


This section adds detail and illustrates general procedures for solving these models. 


Section A provides a basic algorithm to solve DAD and illustrates this solution 
procedure by solving the problem of “Defending the Shortest Path” (DSP). Section B 
solves DSP using the capacity-interdiction version of DAD. Sections C and D deal with 
ADD and ADD” and build a special model (MXSP) for solving DSP. This is derived 
from ADD” and is based on a network-interdiction problem on an expanded network 


with a particular structure. 


A. DEFENDER-ATTACKER-DEFENDER MODEL 


Chapter II sketched an algorithm to solve DAD by decomposition. We agree that 
any feasible defense plan would give us an upper bound on the objective function. This 
bound can be computed by fixing w=wand solving the following “upper-bounding 


subproblem:” 


[DAD“” mxx-SP] 


Z(W)=max (b’)'2 


st. (A”)"m<e+D(x-W) 
a free 
xeXx. 


[DAD“’mxx-SP] is a mixed-integer program. We may try to solve it either 


directly or by decomposition. In this latter case we would have an “inner” Benders-like 
decomposition method for the subproblem, and an “outer” decomposition for the full 
DAD (Henceforth we will call this method “nested decomposition,” O’Neill 1976). The 


decomposition for the subproblem is defined by these two problems: 
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[SP'mkm] min (e" +(%"-w" ) D)y (46) 


ma) 
st. A’y=b’ (47) 
[MP'mxm] max (48) 
st. z<e’y+(x’-w") D§,v(W.9) WY (49) 
xeX, (50) 


where the set WY in (48) comprises all pairs (w,y) identified by the subproblem (46) on 
successive iterations. 
Now, [SP'mxm] is an LP and [MP'’mxm] is just a MIP. The (relaxed) master 


problem is defined as usual: 


[DAD“” mxx-MP] 
ae ; (51) 
z(xTI)= min z 
st. z>(b°)'@#-%"Dw VV (&%) Ee XTI (52) 
wew (53) 


where (#,X) come from the solution of the subproblem either directly or by 


decomposition. In theory, the algorithm would eventually enumerate all possible feasible 


combinations for (7,x,w), so a solution must be found. Let us outline this algorithm. 
1. A Decomposition Algorithm to Solve DAD 
Algorithm 1: 


Input: An instance of [DAD’’mxm] with matrices D, A’, initial feasible defense plan, 


W° (e.g., W° =0), vectors b” and c, and an allowable optimality gap ¢. 


Output: An ¢-optimal defensive plan w' for [DAD“’mxm], the optimal attack plan x’, 


and the optimal system-operation plan y’ . 


{ 


Initialize: Z<- 0; ze -c; WE Ws XTC D 
—_s 2: 
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While (z-z>e){ 


Solve [DAD“’mxx-SP] for W (either directly or by decomposition) to 
obtain an incumbent upper bound on the objective function z(w); 
XT XNU{(R a} ; 

If (Z(W)<Z){ Z<—Z(W); W CW; } 


Solve [DAD“?m&%-MP] for all (X,%) € XII to obtain z(XT1) and a new 


defense plan w; 
ge z(XIM); 


} 


Print (“¢-optimal defense plan, activity levels and objective-function values are” 


* * ‘ 
w ,y, Zz, “respectively.”) 


The nested decomposition algorithm (Algorithm 1A) is identical to Algorithm 1. 
The only difference is that the subproblem is solved inside an inner loop that takes w as 


a fixed parameter and, then, proceeds to solve the sub-subproblem [SP’mxm] in (46)-(47) 
This is followed by the sub-master problem [MP'’mxm] in (48)-(50). The solution 
obtained from this inner decomposition loop (% 9) is now injected into the outer master 
problem. Then, and Algorithm | takes over. 

Infanger and Morton (1996) propose sharing cuts for different scenarios at the 


same stage in order to accelerate the convergence of decomposition methods to solve 


multi-stage stochastic linear programs. In the same fashion, it may be possible to use 
results obtained in the solution of the subproblem [DAD“’mxx-SP] from one major 


iteration to the next. This may improve substantially the solution times reported in Table 


9, but is beyond the scope of this thesis. 
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2. Implementation of DAD for “Defending the Shortest Path” 


We will illustrate Algorithm 1 with the DAD problem “Defending the Shortest 
Path” (DSP). In DSP, the defender needs to minimize the maximum traversal length of 
the network that represents the system infrastructure. We might be dealing with, for 
example, a railway transportation system, a military logistic depot at station A, a potential 
customer at station B, and a certain commodity that must be sent from A to B in the 


shortest time possible. 


The system is modeled as a network with its corresponding set of nodes (e.g., 
train stations on a railway system or road intersections on a road network) and arcs (e.g., 
segments of railways connecting stations or road segments between intersections). Costs 
are defined by arc-traversal times and penalties are defined by delays incurred if 


interdicted arcs are traversed. 


For this model and other models implemented in this thesis, we assume that action 
occurs on arcs. If we wish to take action over a node in the network, we just split it and 
propagate the interdiction and defense through all the arcs that connect the split nodes 
(Ahuja, Magnati and Orlin 1993, pp. 41-42). Furthermore, for simplicity, we consider 


only cardinality constraints in the resources for both attacker and defender. 


Problem definition: Minimize the maximum traversal cost that the attacker is able 


to inflict after his best attack by appropriately selecting the arcs to be protected subject to 


available resources. The system is represented by the directed graph G== (NV ,A) which 
contains a set of nodes ie NV and the linking arcs k =(i, j)¢.A with their cost c, and 
penalty d,. A represents the set of all arcs and NV represents the set of all nodes. If an 
arc k is traversed, the defender pays its nominal cost c,. However, if that arc has been 
interdicted, an extra cost d, is added The latter is to be applied if the defender-operator 
traverses k . 

Indices and index sets: 


i, j¢ N Nodes in G=(N,A) 


S Source node in G =(N,A) 
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t Sink node in G=(N,A) 

k=(i,j)eA Arcsin G=(N,A) connecting nodes i, j ¢ NV 

FS(i) Forward Star of node i. (Set of all arcs k € A departing from i) 
RS(i) Reverse Star of node i. (Set of all arcs k € A arriving at 7) 
Data: 


c, 290 Nominal cost of traversing arc k 


d, 20 Added penalty the defender-operator pays if arc k is interdicted and then, 


traversed 
b* Maximum number of attacks to the network (attacker’s resource) 


b" | Maximum number of arcs that can be protected (defender resource) 
Variables: 
a Attacker’s decision to interdict arc k: x, =1 if arc kis interdicted, and 


x, =0 otherwise 


Y, Defender’s decision to traverse arc k which has not been 
interdicted: y, =1 if arc k is traversed, and y, =0 otherwise 


1, Dual variables for flow-balance constraints at each ie NV 


w, Defender’s decision to defend arc k: w, =1 if are kis defended, and 
w, =0 otherwise 

Formulation of the basic DSP model: 

[DAD mxm] 


min max min dV (o +4.%, (l-™)) », (54) 


weWpsp XEX psp keA 
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1 ifi=s 


st. >) y¥- Dy =4 0 Vie N \{s,t} (55) 
keFS(i) kERS(i) = ifs t, 
where 
Xi. {xe (04) ee? <b’) and (56) 
keA 


Wasp = iw €{0,1}''| Dw, s o*} (57) 


keA 


Formulation of the subproblem for DSP: 


Since we are using decomposition, the following subproblem (see [DAD“’mxx], 


equations (3)-(5)) must be solved: 


[DAD“” mxx-SP] 


Z(W)= max 7, ~7, me) 
Sti mia Se td alow)- VekeA (59) 
KE X pep (60) 
n, free Vie N 
Formulation of the master problem for DSP: 
See [DAD“”’mxXk-MP] , equations (51)-(53). 
[DAD“” mxx — MP] 
ae (61) 
z(XTI)= min z 
s.t. 22(#,-#,)- > £,d,w, V(&%) € XT (62) 
keA 
WwW EW sp (63) 


Constraints (59) are the optimality conditions for the DSP and constraint (60) is 


the attacker’s resource constraint, along with the integrality requirements for the 
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variables. Constraints (62) are the Benders cuts for each iteration of the algorithm, and 
constraint (63) is the defender’s resource constraint, along with the integrality 


requirements for the variables. 

Chapter V provides some computational results using this algorithm on grid 
networks of different aspects and sizes. 

a Stronger Bounds for DAD 


The lower bound provided by the master problem [DAD“”mxx-MP] in equations 


(51)-(53) can be tightened by solving a linear program that calculates the best remaining 


operating plan after the defender utilizes defenses to nullify some of the attacks. 


Let us illustrate with a simple example. Consider the DSP depicted in Figure 2, 
where the defender, with 1 unit of defensive resource, needs to traverse from node | to 
node 4. The attacker, with 2 units of offensive resource, wants to maximize the length of 


the defender-operator’s route. 


Gaia G ) 


Figure 2. 4-node network to show a simple DSP problem where the lower 
bound provided by the master problem can be tightened. 


In the subproblem’s first iteration, because the attacker chooses to attack 
X = {(2,4),(3,4)} and the defender-operator chooses to traverse y={(1,2),(2,4)}, the 
upper bound is set at 7=4. Then, the master problem suggests defending w = {(3,4)} 
and, because 3 units of penalty (dy = 3) are subtracted from the current objective value, 


the bound is brought down to z =1. However, given the last attacks, the defender could 


a 


have done better by defending wW = {(2,4)} This would increase the lower bound to z =2 
when the defender traverses y = {(1,2),(2,4)}. 

Observe that when the defender has more resources than the attacker, this bound 
will always equal the uninterdicted shortest-path length. 


A valid lower bound can be obtained from the solution of the following capacity- 


expansion LP model, specialized for the DSP. 


[LPmxm] min ey +i"Cy’ (64) 
yy2 

s.t. Ay+A’y'=b° (65) 

Ky’ <b” (66) 

(1-%")y’=0 (67) 

yt+y'<1, (68) 


where D = diag(d), C = diag(c) and ec’ =(1—x)C + x(C + D). The vector y’ denotes the 
defender’s decision to protect and traverse an interdicted set of arcs and y denotes the 


defender’s decision to traverse and take no defensive action on a different set of arcs, 
which may or may not have been interdicted. Constraint (66) represents an upper limit in 
the number of interdicted activities that may be protected and then, traversed. Constraint 


(67) restricts the use of y’ to those activities that have been attacked. Finally, constraints 


(68) are the capacity expansion constraints for every activity. 


For the example presented above, the system transformation implied by the 


capacity-expansion LP model is depicted in the following figure: 


28 


G)—win.a6-~G) G)—«i..ui-~G ) 














Figure 3. Transformation of the interdicted system of Figure 1 to solve a 
capacity-expansion model and obtain a lower bound. The 
interdicted activities are “doubled” with a total cost of c, =c, +d,. 


Observe that the arcs are labeled in terms of cost and capacity 
instead of cost and penalty. 


The defender must choose a path from | to 4 that minimizes the cost and that 


implies the selection of, at most, one of the newly created arcs. 


Algorithm 1B is a modification of Algorithm 1 where, right after de master 
problem, the capacity-expansion model is solved for the previous pair of W and X. In the 
computational chapter, we shall see the tradeoffs between adding an extra step in 
Algorithm 1B to solve an LP, and more importantly, the improvement attained by 


tightening the lower bound as well as the validity of this bound. 


B. CAPACITY-INTERDICTION DEFENDER-ATTACKER-DEFENDER 
MODEL 


This model is introduced in formulas (11)-(14) and is repeated here for reference. 


It is a bi-level MIP, which is, again, difficult to solve directly: 


DAD’ mxm-CN1 min max min ec” 
y 
weW xeX  y20 


s.t. A’y =b” [a] 
y<U(-x+w)  [B] 
y<u [0] 
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As we claimed at the beginning of the previous chapter, any feasible w will 
eventually determine an upper bound z>z . We need to solve the Benders subproblem 


[DAD” mxx] for W: 


[DAD“” mxx-CN-SP] 


zZ(Ww)=max (b’)'a+(1—-x+W)'B+u’0 o) 
x,0,B,0 

st. (A’)'a+/B+10<c (70) 

a free, B<0, 0<0 (71) 

xeXx (72) 


However, the objective function is still non-linear in the term(1—x+w)’ B. Since 
w is fixed beforehand, we can break up the problem for the different values that w, can 
take on, either 1 or 0: 


e When w,=1, the k" activity cannot be attacked and the term 


(1-x+w)' B becomes >» 2B, 


kl =I 


¢ When w, =0 we have (1-x+w) B= > (1-x,)f, , which is still non- 


kl, =0 


linear. Extra variables and constraints are needed to linearize the term in 


this case: 
YY Ger yen = > B, 
ki, =0 kl, =0 
s.t. §, 2=-M (1-x;,) Vk|w, =0 
B. <8, + Mx, Vk|w, =0 
Bi <0 Vk, 


where M is a sufficiently large number so that the first inequality is obviated 


whenever x, =0. 


The subproblem can be rewritten as follows: 
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[DAD“” mxx-CN-SP] 
Z(W)= max (b’)'a+ 5 28+ ¥, Bl +u’o (73) 
a.,B,0,x 


ioe xhig=0 
st. (A’)'a+/B+/0 <e 
B.2-M (1-x,) Vk|w, =0 (74) 
B.< B+ Mx, Vk\|w, =0 (75) 
Bi <0 Vk (76) 


a free, B <0, B’<0, 0<0 
xeX 


With solutions (4, 6,0, x) <« ABOX obtained from the subproblem in all iterations 
up to the current one, we can solve the lower-bounding master problem: 


[DAD“” mxx-CN-MP] 
fuse teak (77) 
zZ(ABOX )= min Z 
s.t. 2>(b’)'@+(1-X+w)'B+u’6 V(4,B,0,%)< ABOX (78) 
where the set ABOX < ABOX enumerates all outcomes identified by the subproblem on 
every iteration. 
1. An Algorithm to Solve DAD-CN 
The following algorithm solves the reformulation-based DAD model. 
Algorithm 2: 
Input: An instance of [DADmxm-CN1], an allowable optimality gap ¢, and any feasible 
defense plan W’ (e.g., W=0). 
Output: An ¢-optimal defensive planw for [DADmxm-CN1] , as well as the optimal 


attack plan x and the optimal system-operation plan y . 


{ 





Initialize: Z <0; z<- -0; W< WwW"; ABOX < © 


While (Z-z>){ 
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Solve [DAD“”mxx-CN-SP] with input W (see equations (73)-(76)) to 
obtain an incumbent upper bound on the objective function z(w), the 
attack plan x and the dual variables 6,B,0; 
ABOX < ABOX U{(4,f.6.8)}: 
If (Z(W) <Z){ 

Z<Z(W);w <W; 

If (7-z<e) break from While loop; 
} 
Solve [DAD“’m&X-CN-MP] with input (4,f,6,%) < ABOX (See 
equations (77)-(78) ), to obtain z (ABOX ) and a new defense plan W ; 
z< z(ABOX); 


} 


Print (“¢ -optimal defense plan, activity levels and objective-function values are” 


w ,y,Z, “respectively.”) ; 


2. Implementation of DAD-CN Model for DSP 


We now proceed to implement DAD in its capacity-interdiction version for the 
DSP. We do not allow the defender-operator to traverse interdicted arcs, so we put into 


effect the first of the two models DAD“ mxm-CN1. 
Indices and index sets. The same as those used in [DAD mxm] 
Data. We must include here: 


u, =1 Nominal capacity of are (i,j). 
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Variables: 


a,; Dual variable for the operative constraints on each node 7. 

rhe Dual variables for capacity-interdiction constraints on every arc k 
B, Auxiliary variables for capacity-interdiction constraints 

6, Dual variables for the max-flow constraints on every arc 


Formulation of the basic problem for DSP: 


[DAD“”mxx-CN] 
min max a@,—a,+ > (1-x, +w,) A+ > Au, 


weWpsp —XEX psp 
B <0,0<0 keA keA 


Sst. @,-a,+B,+0,5c, Vk=(i,fyeA 


Formulation of the subproblem for DSP: 


[DAD mixx-CN-SP] 
Z(W) =max a, —@, + DS 28, + py pox yO, 


khiy j=l kl, =0 keA 

st. a, -a, +B, +0, <c, Vk=UjyeA (79) 
Bi>-M(1-x,)  VWkeAli,=0 — (80) 
Bi < B.+Mx, VkeAlv,=0 (81) 


XE X pop (82) 
B, <9, B, <0, 8, <0, a, free 





Constraints (79) are the optimality conditions for DSP; constraints (80) and (81) 


are used to linearize the model; and constraint (82) is the attacker’s resource constraint. 
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Formulation of the master problem for DSP: 


[ DAD“? mkk-CN-MP] 
z(ABOX) = min z 


Wie Wosp 


Cc. THE ATTACKER-DEFENDER-DEFENDER MODEL. 
This section proposes a method to solve the Attacker-Defender-Defender model 
in the capacity-interdiction version sketched in Chapter HI. The purpose is to obtain a 


lower bound on z for DAD. 


When we outlined the model, we mentioned that we need to use bounds to solve 
bi-level MIPs. For that reason, a decomposition algorithm seems appropriate. Since the 
outer layer is a maximization problem, any feasible & leads to a lower bound on z . This 


bound can be calculated by solving the following subproblem: 


[ADD”’xmm-SP] z(X)= min cy+(ce+d)y’ (83) 
wew, y>0, y’>0 

s.t. Ay+A’y'=b° [a] (84) 

y <U(1-X+w) __[B] (85) 

yty'<u [9] (86) 


As stated in the previous chapter, the inclusion of the second set of constraints 


allows us to model an interdicted activity k that cannot be used if it has been attacked 
(x, =1), unless it is defended. (Specifically for DSP, (y, =1)=>(w, =1) ). However, 
since the activity is artificially doubled by y,, it is still possible to use it, but only if the 
corresponding per-unit penalty d, is paid. This alternative action is characterized by 
setting the variable y, =1. The third constraint keeps the values of y andy’ within the 
capacity limits. (For certain type of problems such as DSP, we can assume that, since 


w is binary, y>Oand y’>0 will lead to binary solutions.) 
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The vectors y and W extracted from the solution to the subproblem (we need to 
form anew y<yty’ ), are now useful to compute an upper bound, which will be given 


by the optimum value of the following master problem: 


[ADD” xrium-MP] Z(WY) = max z (87) 
s.t. Z <(¢’ +(x" -w") Djs V(W.y)eEWY (88) 


Here, constraints (88) represents Benders cuts based on the pair (w.y)eWY 
coming from all previous SP solutions. The set WY denotes the (W,¥) pairs identified 


by the algorithm. When WY cWY, the master problem is a relaxation of ADD’ xmm 
and z(w,y), which denotes the solution of the master problem given (Wy) , IS an upper 


bound on the objective value. 


1. An Algorithm to Solve ADD 


In the following two sub-sections, we propose an algorithm to solve the 


reordering-based ADD using decomposition, and implement the algorithm for DSP. 


Algorithm 3: 
Input: An instance of ADDxmm and an allowable optimality gap ¢, any feasible attack 


plan &°(e.g., ¥° =0). 


Output: An ¢-optimal defensive plan w for ADD’ xmm., as well as the optimal attack 


plan x’, optimal system-operation plan y’ and a lower bound for DAD (2 pan < Zapp): 


{ 


Initialize: Z <0; ze -w; KX X°; WY KS; 





While (z-z>e){ 
Solve [ADD kmm-SP] with input & to obtain an incumbent lower bound 
z(X), defense plan w, and operating plan y<-yty’; 
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If (Z-z<e) break from While loop; 
} 
Solve [ADD xmm-MP] for all(w,y) derived from WY , to obtain an 
upper bound Z(WY) and a new attack plan x; 
Z<ZWY); 
} 


Print (“ADD ¢ -optimal defense plan, activity levels and DAD lower bound values 


* * * e 
are? Ww ,y , Z , ‘respectively.”); 


2. Implementation of ADD for DSP 


Problem definition. The Shortest Path Problem (DSP), as defined in Section A. 
Indices and index sets. The same as those used in [DAD“’mxm] 

Data. The new data with respect to [DAD mxm] are: 

u, =1 Nominal capacity of arck 


Variables. Here, we must add: 
y; Defender’s decision to traverse arc k which has been attacked and not 


protected. y, =0 ifarc k is traversed, and y, =0 otherwise. 


Formulation of the basic problem for DSP: As in the previous subsections and, 


for clarity, we start with the formulation of the basic problem: 
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[ADD xmm] max min Diet Ce tay \y; 


XEX psp weW)sp 
yy’ 


1 
st. Y (ytyd- Oty =4 0 
keFS(i) keRS(i) -] 
y, <d-x,+w,) VkEA 
y,+y, <1 VkeA 
Formulation of the subproblem for DSP: 
[ADD kmm-SP] 
z(k)= min ey +(c, +d, ) yy, 
welpse ke A 
1 ifi=s 
st YO, tyI- YY Opty =4 0 Vie N\{s,t} 
keFS(i) kERS(i) = if i =f 
y, $0-%,+w,) VkeA 
y,+y, <1 VkeA 
y, 20, y, 20 VkeA 


Vie N\{s,t} 


(89) 


(90) 


(91) 
(92) 
(93) 


Constraints (90) represent standard flow-balance constraints for a shortest-path 


problem. Constraints (91) are the capacity-interdiction constraints for every arc 


(although, for fixed &, these are actually capacity-expansion constraints). Constraints 


(92) are the flow capacity constraints. Since u, , =1 (already implemented in the model), 


either y, , or y, , must be chosen by the defender-operator. 


Formulation of the master problem for DSP: 


[ADD” xmm-MP] 
Z(WY j= max Zz 


XEX psp ,Z 


st. z< > (c,+x,(1-%,)d,) 5, VW.) eWY 


keA 
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(94) 


(95) 


D. A SPECIALIZED ALGORITHM TO SOLVE DSP 
The previous section illustrated the implementation of ADD for DSP. Let 
DSPxmm be an instance of [ADDxmm] where attacker and defender have cardinality 


constraints on their actions. Then [DSPxmm] may be viewed as follows: 
e The attacker finds an interdiction plan x; 


e The defender chooses up to b” interdicted arcs, whose cost is (c, +d,), 


and converts them back to their original cost c, ; and 


e Finally, the defender-operator solves the shortest-path problem through 


the network. 


A max-min-min is just a max-min where the inner two stages (the defense and the 
system operation) are carried out simultaneously. The problem can be envisioned as a 
type of network-interdiction problem and solved as the “Maximizing the Shortest-path” 
(“MXSP”; see Israeli and Wood 2002) in an expanded network with the following 


structure: 
The network G of Figure 4 is expanded in levels as shown in Figure 5. 
Essentially, each level is a copy of the original network. In addition, an extra set of arcs, 


denoted by k’<.A/, links levels and allows the defender to jump from one level to the 


next. These “between-level” arcs k' are not subject to interdiction and each mimics its 
fellow “same-level” arc. However, each head points to the corresponding node in the next 
higher level. The number of levels equals the number of defensive resource available plus 


one. (For example, if the defender has four units of defense resources, the network gets 


expanded in levels zero through four, i.e., £ = {0,1,2,...,L} where L=b” =4). In this 
particular example, the defender has one unit of resource (>" = 1) and the network is 


expanded by only one level. 
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@ 
— ae NETWORK 


Lee 


Figure 4. Original network G with 4 nodes and 4 arcs that represents a 
hypothetical shortest-path problem that the defender must solve. 


i. 
en id ” 


——?& “Same-level” arcs 
-~& “Between-level” arcs 


Figure 5. | Expanded network G* when b” =1. Solving the network- 
interdiction problem in G* is equivalent to solving ADD in G. 


If N denotes the set of all nodes in the original network, \’* = NxL is the set of 
all nodes in G* =(N*,A*), that is, N* = U Vistas 2 inf 


ieN ,leL 
Likewise, if A represents the set of all arcs k in the original network, A> is the 


set of all “same-level” arcs in G*, Aj = Bre ee and A; is the set of all 


keA 


between-level arcs, A? = (J {kj,k/,....kt,}. Then, A* =A} UAS. 


k'c At 
The defender-operator must traverse from the source node at level zero to the sink 


node located in the uppermost level. 


[MXSP”” ] max min (c’ +x’D)y+e'y’ (96) 


XEX pop y20,y'20 


s.t. Ay+A’y'=b) VieL [a] (97) 


The new variable y’ corresponds to the defender-operator’s decision to jump 
from one level to the next, skipping any possible interdiction and paying the original cost. 
The functioning of the variable y’ is very similar to the y’ used in ADD (see equations 
(83)-(84) ). However, in this case, we do not need a constraint to control the expenditure 
of defense resource. This is because the structure of the new network itself will force the 


defender to pick exactly b” arcs to defend. 


Observe now that, as opposed to the generic models, after fixing x , everything is 
linear in the objective function. If we take the dual of the inner min problem, we obtain 


the following MIP: 


[MXSP“* ] max max (b))’ x, (98) 
xEX psp 1 
S.t. (A’)y’ m™, <c+ Dx ly] (99) 
(A”)' a, Se [y’] (100) 
mt free 


Since this is still an NP-hard MIP (Israeli and Wood 2002), it may be difficult to 
solve for large problems. Because we are expanding the network by adding more levels 
according to the number of defensive resources, the number of decision variables 
increases. A simple, square-lattice network with 25 nodes on each side has only 2,400 


arcs, but if b” =10, [MXSP“”] has 45,600 variables. 


1. Implementation of MXSP in G~ 


Problem definition. Maximize the shortest s-t path in an expanded directed 
network G* by interdicting arcs. (Note that the formulation uses data and notation from 


the original network G rather than the expanded network G* ). 
Indices and index sets: 
i,jeN Nodes in G=(N,<A) 


fee Levels £L= {0,155 E} where L =b" (defense resources) 


keA Arcs in G=(N,A) 
40 


S Source node in G =(N, A), located at level 0 


t Sink node in G =(N,.A), located at level L 
FS(i) Forward Star of node ie V 
RS(i) Reverse Star of node ie NV 


Data: Similar as those used in the DAD implementation (Section 4) 
Variables: 
y,,  Defender’s decision to traverse arc k at level /. y,,; =1 if arc is traversed, 


y,, =0 otherwise 


y,,  Defender’s decision to defend and traverse arc k between levels / and 


I+1. y,, =1 ifarc is traversed, y,,=0 otherwise 


Problem Formulation: 


[MxXsP"”] 
max min) > (ce, +4,%) Yn + >, > Cy (101) 
XEXpsp YY LTA Top keA leL\{L} 


1 fori =sandl=0 
st > Oy td- YY Out yud=)9 VEDENxLA{(s,0),@,£)} (102) 


keFS(i) keRS(i) _ 
-l1 fori=tand/=L 
y,, 20VKEA, VlEL (103) 


yy, 2OVKEA, VlEL\{L} (104) 


Constraints (102) are the flow-balance constraints on every node in G”. 
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Formulation of dual problem: 


[MXSP“* ] 
(105) 
max 7,;—Z,9 

St. 7,,-1,,-4,x%,S5¢, Vk=G,fyeA, VleL [y,,] (106) 
Riy- Bj St, Vea eA, Vle L\{L} [yy] (07) 
1,9 =0 (108) 
XE X psp (109) 

m free 


Constraints (106) and (107) are optimality constraints for DSP, and constraint 
(108) normalizes the dual variables (this is valid since the inner min problem has one 


redundant flow balance constraint). 


Chapter V shows computational results obtained for a batch of hypothetical 
networks of different size and shape. It, also, investigates the quality of the bound it 
produces with respect to DAD. Further, it shows the differences from the more generally 


applicable ADD solution method implemented in Section C. 


2. Solving MXSP by Decomposition [MXSP“ -D] 


Another possible approach to solving MXSP is using a decomposition method. In 
doing so, we will be dealing with constrained shortest paths on one hand, and the typical 
cuts of a master problem on the other. Since that outer layer is a maximization problem, 


any feasible attack plan (x) will give us a lower bound on the objective function. We can 


get this bound by solving the following subproblem: 


[MXSP’’-SP] z(%)= min (ce? +%’D)y+e'y’ (110) 
y>0, y’>0 
st. Ay+A’y=b, VleL [z,] (111) 


Let Y'Y =Y'xY denote the set that contains all possible pairs of (y’,y). In 


addition, YY cYY is just a subset of Y'Y , where only certain defensive/utilization pairs 


have been identified by the following master problem: 
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[MXSP"’-MP] Zz(Y'Y)= max z (112) 


Z,XEX psp 
st. zSt(ce +x"D)¥ +e"f’ VN.H)EYY (113) 
The solution of this master problem, as with previously discussed decomposition 


algorithms (see Section IV.C), yields an upper bound on z’. 


The subproblem is an LP with an totally unimodular constraint matrix (Ahuja, 


Magnanti, and Orlin, 1993, pp. 447-449). Thus, the variables y and y’ only need to be 
non-negative and continuous, and will adopt a binary values intrinsically. 


However, the master problem is still a MIP and the vector x (the attacker’s 


decision variables) must be binary. Essentially, we are dealing with another difficult 
problem. We might try to tighten it by using of well-known techniques to reduce the size 
of the feasible region for the LP relaxation of the MIP, adding integer cutting planes, but 
that is beyond the scope of this thesis. 


a. An Algorithm to Solve MXSP by Decomposition 
The next two subsections propose a decomposition algorithm to solve 


[MxSP*” -D]. 


Algorithm 4: 

Input: An instance of [ADDxmm] ([DSPxmm]), preprocessed by expanding the network 
and transformed into an instance of MXSP , and any feasible attack plan x° (e.g., x° =0). 
Output: An ¢-optimal defensive plan y” for ADD, the optimal attack plan x’, the 
optimal way to operate the system following a worst-case attack y’ , and a lower bound 


for DAD, Z pap < Zuxsp- 


{ 





Initialize: 7<- 0; ze KC KS VY — O; 


While (Z-z>e){ 
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Solve [MXSP’’-SP] with input X to obtain z(X), and the optimal 


combination of defensive and operating plans 9,9; YY CYY Uf); 


If (7-z<6) break from While loop; 


} 


Solve [MXSP“’-MP] for all (¥’,9) € YY, to obtain Z(Y'Y) and the next 


attack plan x ; 


Z<ZYY); 


Print (“¢ -optimal defense plan for ADD, activity levels and lower bound 


for DAD are” y" , y , z , “respectively.” ; 


} 


b. Implementation of MXSP in G* by Decomposition 


Indices, sets, parameters, and variables of this formulation are the same as 


those proposed in the direct implementation of MXSP. The first subproblem is 


implemented as follows: 


[MXSP”” -SP] 


z=min > (4. +4 dt Dy ae 


¥.¥ keA leL keA leL\{L} 
1 fori =s,/=0 
st. >) Oty - DY Out y=) 0 VEDENxLA(s,0,65)} 
keFS(i) kERS(i) -lfori=t,1=L 


y,,20VKEA, TEL 
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ye ZOVKEA, TEL\{L} 


The master problem is: 


[MXSP“” -MP] 
Z(y,¥) = max z 


xEX psp 


(115) 


s.t. 25 (c,+4,.%)3u4+> dX ah VOMEYY (116) 


keA leL keA leL\{L} 
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V. COMPUTATIONAL RESULTS 


This chapter presents results obtained by testing the four algorithms described 
above against hypothetical grid networks, with fixed structure and randomly generated 
arc attributes. The grids are created using Java code (Sun Microsystems 2004) using the 
pseudo-random number generator included in Java’s class “Random.” The algorithms are 


implemented in GAMS (GAMS Development Corporation 2007). 


A. COMPUTATIONAL RESULTS FOR DAD MODELS 


This section shows the results when DAD is implemented to solve DSP 
(Defending the Shortest Path, i.e., the tri-level shortest-path defense problem) for a 


network with the following characteristics: 


e Square topology similar as Figure 6 with a 10x10 grid of nodes (plus 


source and sink). 


e There is one source node s and one sink node t. Arcs k departing and 


arriving to these nodes have cost c, =1 and interdiction penaltyd, =0. 





Figure 6. | Network square topology with an nxn grid of nodes. 


e Other arc costs c, and penalties d, and penalties, except those mentioned 


above, are randomly, uniformly distributed on [0,1] and [1,2] respectively. 
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The XPRESS solver is used within GAMS (XPRESS Solver Manual, GAMS 
2007), with an absolute termination criterion of ¢,=0.01, i.e., 1%, and the same value 
for the allowable decomposition gap (¢, =0.01). (Tests for z—z<e in the algorithms 


are replaced by (7 + é,)-(z—-&,) S Zé). 


The first experiment solves DSP as an instance of [DAD“’] using Algorithm 1 


and 1A, with the subproblem solved directly (standard decomposition) and by nested 


decomposition respectively. 


Table 1 provides summary statistics of execution time in seconds, elapsed time 
(which includes equation-generating time and other overhead), and number of iterations, 
for different interdiction and defensive integer resources. Appendix II displays a 


complete table with all combinations of attack and defensive resource ranging from two 





























to seven. 
Standard decomposition Nested decomposition Ratio 
Algorithm 1 Algorithm 1A 
CPU time Elapsed CPU time | Elapsed 

Attack | Defen. | A (sec.) time (sec.) | Iter. B (sec.) | time sec.) | Iter. | A/B 
2 2 2.7 4.2 4 1.2 7.5 4 2.30 

3 3 21.5 24.8 8 10.7 31.0 7 2.01 

4 4 109.6 114.8 11 57.3 124.9 14 1.91 

5 5 396.6 406.4 21 306.0 484.2 28 1.30 

6 6 3047.0 3067.6 43 1719.0 2075.9 32 1.77 

7 7 6278.9 6298.9 54 1490.0 1674.6 16 4.21 





























Table 1. 


Computational results for DSP using Algorithm 1 and 1A (Section 
IV.A.3.). The “standard decomposition” solves each subproblem 
directly, i.e., using LP-based branch-and-bound on the subproblem 
MIP. “Nested decomposition” solves the subproblem by Benders 
decomposition. “Ratio” represents the improvement in CPU times 
for the nested decomposition method with respect to the direct 
decomposition one. 
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On average, the nested decomposition runs 1.87 times faster than the standard 
decomposition. (We compute this improvement with respect to CPU time, because most 
of the extra elapsed time could be recovered by a more efficient implementation that 


avoided the GAMS overhead). 





Solution times for nested decomposition 


Solution times for standard decomposition 


4 cputime 





7 





6 


5 
attacks 





Figure 7. | CPU times for DSP problem using Algorithm 1. With less volume 
under the surface, which indicates fewer seconds to execute, the 
nested decomposition proves to outperform the standard DAD for 


almost all cases tested. 


Figure 7 shows solution CPU times for each model (standard and nested 
decomposition). The horizontal axes correspond to attacks and defensive resources. We 
can see how solution time increases as more resources come into play. Moreover, it can 
be observed that the amount of attack resource has remarkably more effect on solution 
time than does defensive resource. Finally, comparing both graphs, the smaller volume 
under the solution-time surface for the nested decomposition indicates, as also see from 


Table 1, a better overall performance. 


Algorithm 1B proposed in Section IV.A proves to be faster (1.64 times on 
average) than the standard decomposition method (Table 10 in Appendix II). The 
tightening of the lower bound by solving a capacity-expansion LP is especially useful in 
the early iterations of the decomposition algorithm. For the first 6 problems tested (Table 
10) Algorithm 1B performs on average 4.70 times faster than Algorithm 1, but not too 
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much improvement is obtained on the remaining 30 problems (1.02) when more than 10 


iterations are typically needed to meet the algorithm’s optimality criterion. 


The next experiment explores the efficiency of Algorithm 2 (Section IV.B), when 


the same sample problems are solved by implementing the capacity-interdiction version 


of DAD, [DAD“”-CN]. Table 2 shows a summary of the results for different values of 
































“M’’. 
Algorithm 2 [DAD” -CN] Algorithm 2 [DAD” -CN] 
Capacity-interdiction (M=2) Capacity-interdiction (M=1) 
Elap. ; Elap. : 
CPU time E time Ratio CPU time F time Ratio 
A D (sec.) (sec.) Iter. A/IE (sec.) (sec.) Iter. | A/F 

2 2, 6.7 8.3 5 0.39 6.0 8.3 6 0.44 
3 3 31.8 35.0 6 0.68 19.2 21.4 6 1.12 
4 4 387.0 394.1 14 0.28 74.1 77.5 10 1.48 
5 > 1363.0 1369.6 18 0.29 296.1 303.9 17 1.34 
6 6 12620.0 12635.9 35 0.24 1799.0 1815.7 39 1.69 
7 yi 24210.0 24226.5 39 0.26 4717.0 4732.9 37 1.33 























Table 2. | Computational results for Algorithm 2 (Section IV.B.8.). The 
“ratio” denotes the improvement (decline) of the algorithm with 
respect to the performance of Algorithm 1 implementing the 
standard decomposition DAD model. The value of M is a key issue 
in the capacity-interdiction model. 


A careful selection of the value of M is required. A large value for M, such as 
M=2, is very expensive computationally speaking. As we see in the right hand side of the 
table, for M=1, Algorithm 2 is remarkably faster, close to one order of magnitude. In fact, 


its overall performance approaches that of the nested decomposition algorithm. 


However, if M is not sufficiently large, the algorithm may give an incorrect 
solution. Among all the cases tested for M=1 (Table 11 in Appendix II), in five occasions 
there is a discrepancy in the objective-function value. This means that the selected value 


of M is not large enough for the algorithm to work correctly. 
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B. BOUND QUALITY FROM ADD MODELS 


Although they solve different problems, the reordering-based ADD models have 


the ultimate objective of providing a valid bound for the general DAD problem. This 


section explores the quality of the bound and the execution times when the standard 


decomposition algorithm for DAD model (Algorithm 1) is compared to the general 


[ADD*’”] (Algorithm 3 in Section IV.C) and the specialized ADD* model for DSP 


([MXSP* ], Section IV.D). 


The network used in this test is the same 10x10 lattice used in the previous 


section. Note that the attacker always gets his original amount of resource plus the 


defender’s resource: b* =b* +6, where 6=b”". 


As we observe in the columns for the “relative differences” in Table 3, [ADD*”” ] 


and [MXSP*’”] provide a reasonable lower bound for the objective value, although it 


seems to worsen when more resources are added to the problem. 




































































| [DAD] [ADD*”] [MXxsP*!] 
Algorithm 1 Algorithm 3 
eae | ge Wp E lll) ot 1 saree aerate | EE Wo ||) cage laperaiee| SEY 
(sec) aa (sec) - (sec) 
2 3 4.58 3.4 4.58 0.00 0.0% 34.2 4.55 0.03 0.7% 44.0 
2 4 4.58 4.1 4.53 0.05 1.1% 353.9 4.53 0.05 1.1% 1350.0 
3 3 4.75 21.5 4.49 0.26 5.5% 104.8 4.55 0.20 4.2% 540.5 
3 4 4.75 32.9 4.58 0.17 3.6% 477.6 4.55 0.20 4.2% 190.8 
4 2 4.96 66.6 4.59 0.37 7.5% 80.0 4.58 0.38 7.7% 879.1 
5 2 5.20 150.8 4.59 0.61 11.7% 321.8 4.59 0.61 11.7% 3621.0 
5 3 5.07 211.0 4.59 0.48 9.5% 4916.0 4.58 0.49 9.7% 5632.0 
Avg 5.5% Avg 5.6% 























Table 3. 


attack and defensive resources respectively; 
objective-function value of DAD model for the related problems; 


z denotes the bound provided by ADD* models; and the “diff” 


column represents the difference between z and z . 


SI 


Bound quality for ADD* models solving DSP. “A” and “D” denote 


denotes the 


As proposed in Section III.B, we would like to use the solutions provided by both 
[ADD*"’] and [MXSP*"’], as a strong bound for DAD. Furthermore, by means of 


solution-elimination constraints, we could approximate the bound to the objective- 
function value to meet the optimality criterion. However, as shown in Table 3, the 


solution times at the same level of tolerance, are not comparable: those for the standard 


decomposition DAD model are one order of magnitude faster than those for [ADD*"’] 
and [MXSP*’"]. 

Algorithm 4, presented in Section IV.D, proposed a decomposition method 
[MxXSP*'’’-D] to solve [MXSP*’’]. The former proves to be faster especially for 


networks with square topology as in this case (See results in Apendix II). In fact, when 


we run the same problems of Table 3, [MXSP*’’-D] is 2.56 times faster than 
[MxSP*'”], on average. However, solution times are still too long compared to those of 


standard DAD (Algorithm 1). 
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VI. PRACTICAL EXAMPLE 


This chapter illustrates an example based on a hypothetical emergency 
deployment of a unit of the Spanish Marine Corps. This exercise requires the solution of 
an instance of DSP (Defending the Shortest Path) to plan defenses for a small Infantry 
entity that needs to traverse from its home base in San Fernando to the Naval Base in 
Rota, for emergency deployment. All the information used in this example has been 
gathered from open sources, such as the Internet, journals published by regional traffic 


management authorities, and the Spanish Department of Defense. 


A. PROBLEM DEFINITION 


The home base of the Spanish Marine Corp Brigade is located in the city of San 
Fernando, province of Cadiz, in the south of Spain. The city has a population of over 
90,000 (Wikipedia 2007), is expanding rapidly and the brigade’s movements just outside 
the base can easily become entangled in the consequent construction activity. This fact is 
important in this scenario: The brigade needs to reach the Naval Base located in Rota, 


thirty miles north of San Fernando at the opposite side of Cadiz Bay (Figure 8). 


The Special Operation Forces (SOF) are also located in the same military 


installations as the Brigade. 
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Figure 8. Map of Cadiz Bay (Spain) showing the two sites of interest (Map 
from Wikipedia 2007). 


Let us consider the following hypothetical scenario: A frigate from the 41“ Fleet 
Squadron (home-based at Rota Naval Base) is alerted and receives orders to get 
underway immediately for a maritime interdiction operation against a suspect vessel 
transiting through the Strait of Gibraltar. For that mission, an estol (a small special 
operations unit) is also alerted, and ordered to transit to the dock in Rota Naval Base, 
prior to the frigate’s departure. Since air assets are already committed to other tasks, the 
estol must transit using its own means, which means with humvees and trucks. The 
suspect vessel is operated by a terrorist organization that soon becomes aware that the 
most likely spot for the vessel to be interdicted is precisely in the Strait (in Spanish 
territorial waters). Thus, a terrorist dormant cell is alerted to conduct counter-deployment 


actions. 
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Since the estol (who plays the role of the “defender-operator’’) constitutes a small 
and indivisible infantry unit, we will model its transit to destination as a shortest-path 
problem: the estol must transit from San Fernando (source node) to Rota (sink node) in 


the minimum possible time. 


Continuing with the scenario, the now-active terrorist cell, i.e., the “attacker,” 
comprises six autonomous units with enough striking power to put road segments out of 
action for at least one hour. We might envision an attack as a chemical spillage caused by 
a deliberate wreck of a previously hijacked truck. This truck transports hydrogen cyanide, 
which is a widely used agent in many industrial processes and has a persistency in soil 


close to one hour (Sidell 2002). 


By means of intelligence reports, this information is known by the estol’s Special 
Operations Forces command, i.e., the “defender.”” SOF command has the option to plan 
ahead, which means deploying up to 10 patrolling units along the road network. To 
minimize the maximum transit delay the terrorist cell can achieve, SOF command must 
solve a tri-level optimization problem to use sparse resources wisely. This and similar 
scenarios would probably be foreseen, however, and the solution to this problem would 


be available “off the shelf.” 
Further assumptions for the problem are: 


e By traversing an interdicted road, the estol “agrees” to pay the penalty in 
its entirety. The full delay is incurred if the road segment is traversed, 
regardless of the time it takes the estol to get there. (We are being 
conservative with respect to the estol’s transit time, because some cleanup 
might have been completed by the time that the estol reaches a section of 


road that has been attacked.) 


e At time zero, when the esto! starts its mission, all transit assets (1.e., 


vehicles and trucks) are available for immediate use. 


e The model does not account for transit delays in road intersections. 


Be) 


B. BUILDING THE NETWORK 


Given the background above, the next step is to develop a model of the relevant 
road network. This is facilitated through road maps of the Cadiz Bay area, information 
provided by local authorities regarding traffic routes (Consejeria de Obras Publicas y 
Transportes 2006), and satellite images downloaded from the Internet (Google 2007). A 
total of 195 nodes are identified. Table 4 shows a snapshot of the list containing all 
nodes, each with a brief description, the city or county they belong to, geographical 
position in latitude and longitude coordinates, and the node type (with 1 being the source, 


—| the sink, and 0 indicating a transit node). Appendix III presents the full table. 











1 TEAR San Fernando 36° 28'43.83"N 6° 11'30.05" W 1 
2 Armada & la Clica San Fernando 36° 28'51.96"N 6° 11'28.67" W 0 
3 La Carraca bridge San Fernando 36° 28'49.28"N 6° 10'50.59" W 0 
4 La Carraca dock San Fernando 36° 20'54.69" N 6° 10'51.59" W 0 
5 Arapiles rd & La Carraca rd San Fernando 36° 28'43.55"N 6° 11'02.54" W 0 
6 Fadricas rd & Caserio de Ossio San Fernando 36° 29'00.20" N 6° 11'45.00" W 0 
7 Fadricas rd & Magallanes San Fernando _———*" WW 0 
8 Sfdo Train Station __ Sane — 


~~ ———Maaallanes & Ferrocaril_ _——— 


Table 4. Node-list snapshot for the sample network. It includes node 
description, location, geographical position and type (type “1” 
represents the source node, “0” a transit node and “—1” the sink 
node (not shown here). 


Since our question revolves around response times, the obvious cost on each arc 
will represent the nominal time a vehicle takes for a one-way transit. To find this time, 
we require two values for each arc: distance and speed. By dividing distance by speed, 


we obtain a transit time, hereafter referred to as “cost.” 


The distance values are found using maps and online navigation engines such as 
Google 2007. Finding speed values is not so straightforward, necessitating some 
subjective estimates. We develop a ranking scale of one to five representing five distinct 
average transit speeds, ranging from 15 mph to 55 mph, in intervals of 10 mph. Each 
route segment is assigned one of these values, based on the type of road (e.g., highway, 


freeway, local road) Also, other factors are taken into account such as the number of 
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lanes, the state of pavement, number of intersections, degree of straightness, etc. A total 


of 632 segments are labeled encompassing 453.4 miles of road. 


Finally, each arc of the network needs to be assessed in terms of amount of delay 
that an interdiction might cause. Two aspects are considered here: persistency of the 
chemical agent and the shortest distance (minimum time) to the nearest Civil Protection 
or Emergency Management Centers (we assume that setup procedures, safety protocols 
and cleanup tasks are implemented as soon as the first emergency-response team reaches 
the scene of the “chemical attack” and the clock starts running). The nine centers are 
located in the area map and the shortest distances from each one of them to every other 


node in the network are calculated. 

Let N = {1,2,...,207} denote the set of all nodes in the network and C = {1,2,...,9} 
denote the set of all emergency centers. Also, let g(c,n) denote the minimum cost 
(transit time) from emergency center ce C to node ic NV. Then, the delay coefficient 
d, , for the road segment (i, j) < A is calculated as: 


d= Pa {min (g(c,i))+max (g(¢, j ») 


ceC ceC 


where p, denotes the persistency of the chemical agent. The second term represents the 
average of response times to the head and tail node of the arc (i, 7), in case this arc is 
attacked. We are assuming that emergency centers have enough capacity to provide 
response teams for all possible incidents, and that response teams are not themselves 
subject to delays. (Response teams have protective equipment and can pass easily 


through one attack site to reach another.) 


The following table shows a snapshot of the list containing, for every arc, its 
transit-speed rank, length (miles), transit-speed (mph), cost (hours), and penalty if 
attacked (hours): 


a 


1 2 2 0.11 25 0.004 1.237 
1 8 1 0.39 15 0.026 1.233 
1 32 1 0.38 15 0.025 1.233 
2 1 2 0.11 25 0.004 1.237 
2 3 3 0.68 35 0.019 1.237 
2 6 2 0.6 25 0.024 1.246 
- 31 2 1.17 Ea. | 
a 3 


Table 5. Snapshot of the arc list for the sample network. It includes tail and 
head nodes, transit-speed rank, distance (miles), transit-speed 
(miles/hour), cost (hours) and delay (hours). 


Appendix III provides a complete listing of the final network data. 


C. SOLVING THE PROBLEM 


Algorithm 1, based on [DAD‘’mxm], is implemented in GAMS (GAMS 


Development Corporation 2007) with the following runtime parameters: 
e Solver for LPs and MIPs: XPRESS (v. 16.10) 
e Absolute and relative termination criterion for MIP: 0.0 


e Allowable relative gap between bounds in the Benders decomposition 


method: 0.0 


Computation is performed on a personal computer (Processor x86, Family 6, 
Model Genuinelntel 1596 Mhz with 1 Gb of RAM). Table 6 shows the results for this 


problem: 


58 























Estol deployment example. Summary 1 [DAD] 
CPU time | 9,112.0 | sec. | 
Num. variables in master problem | 633 | | 
Num. of iterations in the algorithm 184 | 
Shortest s-t path length with no attacks | 0.5288 | hrs 
Shortest s-t path length with 6 attacks, no defenses | 2.7356 | hrs 
Shortest s-t path length with 6 attacks, 10 defenses | 1.7019 | hrs 


Table 6. | Computational results for Algorithm 1 [DAD’’]. The number of 


equations in the final master problem comprises 184 “cuts” plus 
one resource constraint. 


The complete optimal defense plan is listed in Table 13. As anticipated, the 
defender-operator (estol) does not use all the road segments that have been defended 
(w, =1*s y, =1). The reason is that the SOF Command, lacking defensive resources to 
protect one route entirely, seeks to spread the patrolling effort among the main three 
routes out of San Fernando city. With six units of resource, the terrorist group is able to 
interdict each of those, achieving the group’s goal of delaying the estol’s transit to its 


destination. Figure 12 depicts this solution over the area map. 


Next, we proceed to test the other algorithms to see how well they perform on this 
problem. Table 7 shows the results obtained when applying [DAD’’-CN2] (see 
equations (18)-(21) ). 




















Estol deployment example. Summary 2 [DAD“ -CN2], (M=2) 
CPU time | 43,000 | sec. | 
Num. variables in master problem | 633 | 
Num. of iterations in the algorithm | 49 | 
Shortest s-t path length with no attacks | 0.5288 | hrs 
Shortest s-t path length with 6 attacks, 10 defenses | 1.7019 | hrs 


Table 7. | Computational results of Algorithm 2 [DAD -CN2] with M = 2.0 


The algorithm yields the same solution, but it takes almost 12 hours to solve. The 


burden of the algorithm is the value of the M coefficient. Consequently, different values 
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of M are tried: For M = 1, the problem only takes 3,085 seconds (51 min.) but the 
objective value that it yields (1.6361) is 3.9% smaller than what it should be. With 


M=1.2=max,d,, Algorithm 2 finds the optimal solution (and proves optimality) in a 


more reasonable completion time of 3 hours and 9 minutes. 


Implementing [ADD“’] to compute an optimistic lower bound for this problem 


leads to a dead end. Since the defender has more resources (10) than the attacker (6), the 
former is able to nullify all the attacks and always bring down the lower bound to the 


value of the shortest s-t path with no attacks. 


On the other hand, the decomposition algorithm for [ADD*”’] (Algorithm 3 in 
Section IV.C), with 16 units of resource for the attacker, moves its bounds sluggishly 
toward the optimal value of the problem. After 10 hours of execution, the lower bound is 
still only 0.58 (and not close to proving optimality because the global upper bound is 
4.11) versus a potential value as large as_z =1.709. Since the d coefficients are a critical 
parameter in ADD models, we apply a systematic reduction of 0.5 hours to all road 
segments, hoping that the solution is still valid and the bounds converge more quickly. 


However, the convergence of the bounds is still too slow. 


inally, as an alternative way to solve and to obtain an optimistic 
Finally Iternat y to solve [ADD*”’] and to obt ptimist 


lower bound on z’, the specialized model [MXSP*”” ] is run with 16 units of resource for 
the attacker and 10 for the defender. The problem solves in under 3 hours but yields an 


optimal objective value of 0.53, which still is too far from z’ =1.709 to be of any value. 


D. ANALYSIS 


Because of the particular structure of the road network for this deployment 
problem, the terrorist group can, with six strikes, disrupt all main routes that connect San 
Fernando and Rota. The estol has no other alternative than to wait for the completion of 


at least one cleanup, which, unavoidably, delays its transit to the Naval Base. 
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A quick look at the solution shows that attacks are spread throughout the network 
and not concentrated around the source and sink nodes. The reason for that might be that 
the attacker gains a little more reward by placing his attacks far from emergency- 


response centers. 


Algorithm 1 seems to be the most useful method to solve DSP for this scenario. In 


addition, Algorithm 2 [DAD-CN] offers a reasonable alternative, provided that that the 
constant M is selected carefully. 


The fact that the penalty coefficients are much greater than the costs (30.52 times 


larger on average), makes the problems difficult to solve (see Israeli and Wood 2002). It 


+LP 


becomes clear in the implementation of [ADD*™ |, where the time required to solve (11+ 


hours) is unacceptable for practical purposes. Therefore, those coefficients need to be 


reduced or tightened in such a way that they remain valid for the original problem. When 
we try this technique on Algorithm 1 [DAD‘’], by artificially reducing all d, 


coefficients by 0.50 (the smallest penalty is still larger than the shortest s-t path with no 
attacks), we obtain the correct solution and, interestingly, a remarkable reduction in 


execution time (4,359 seconds). 


However, the d, coefficient-reduction technique does not seem to work with 


[ADD*]. 
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VU. CONCLUSIONS 


This thesis has defined and developed tri-level models to solve the problem of 
defending critical infrastructure. The objective of the defender in the outer level of these 
models is to protect a set of activities given a certain amount of defensive resource. The 
goal is to minimize the worst damage that a potential attacker can inflict to the system. 
Damage is measured by increased costs at the innermost level, assuming that the 
defender-operator operates the system optimally. Of course, “cost” can represent 
unsatisfied demands, time delays in achieving goals, and minimizing “cost” can also 


represent maximizing effectiveness, e.g., system output. 


We have formulated a DAD model that is, apparently, solvable only through 
decomposition. Algorithm | is devised to solve the DAD model. The master problem of 
this decomposition algorithm looks like a master problem for a standard Benders 
decomposition of a mixed-integer linear program, but the subproblem is a mixed-integer 
linear program (MIP) rather than standard linear program (LP). Algorithm 1 solves this 
MIP directly, i.e., with LP-based branch-and-bound, while Algorithm 1A solves the MIP 
by Benders decomposition, and thus, it may be viewed as a nested decomposition 
algorithm. Algorithm 1A proves to be almost twice as fast as Algorithm 1 (1.87 times 
faster, on average) on test problems that involve “defending the shortest path” (DSP). 
DSP represents a situation in which the defender-operator needs to solve an A-B shortest- 
path problem to operate the system optimally, that is, he wants to move from node A ina 
road network to node B in the minimum time possible; the attacker seeks to maximize 
this minimum path length by interdicting a limited number of road segments and making 
them impassible (or adding a delay to their traversal times); but before any attacks occur, 
the defender can make a limited number of road segments invulnerable to attack. against 
a limited number of attacks so as to reduce effects. The defender’s goal is to minimize the 


maximum shortest-path length. 


For a small number of offensive and defensive resources, the overhead of a nested 
decomposition algorithm suggests the use of the standard decomposition method 


(Algorithm 1). In addition, for the size of the shortest-path network, the factor “available 
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attack resource” proves to affect solution time more than the amount of defensive 


resource, specifically, more attack resource leads to longer solution times. 


Algorithm 1B is similar to Algorithm 1 except for the inclusion of a capacity- 
expansion LP to tighten the lower bound. This proves to be especially useful on the early 
iterations of the algorithm. In the cases where the numbers of attacks are sparse and the 
algorithm typically tends to solve with few iterations, 1B is, on average, 4.70 faster than 


Algorithm 1 for the DSP on a square lattice. 


A different approach to the tri-level problem is the reformulation-based capacity- 


interdiction model [DAD-CN]. This formulation is somewhat more complex than the 


general DAD alluded to above and is more difficult to implement. It too requires a 
decomposition algorithm to solve (Algorithm 2), and it proves to be almost as fast as 
Algorithm 1A. Its solution times depends heavily on a “big-M” value used in linearizing 
the model. An excessively large value weakens the subproblem and leads to a poor 
performance in terms of completion time. On the other hand, a too small value of M 
speeds up the algorithm but does not guarantee a correct solution. It might be interesting 
for future research to investigate useful techniques to tighten the upper bound coming 


from the decomposition subproblem by selecting an appropriate value of M. 


Interchanging the order of the first two levels of optimization in the model, that is, 
converting min-max-min into min-min-max, can provide an optimistic (lower) bound on 
the optimal DAD objective-function value. We give the advantage to the defender, who 
sees the attacker’s plan before defending the system and operate it. The quality of the 
bound provided by this reordering-based ADD might be poor, however, but we have 
shown that it is possible to improve the bound by adding appropriately to the attacker’s 
resource to create “ADD*.” The relative differences between the bound obtained from 
ADD" and the optimal value of DAD are reasonably small (5.5% on average) when the 
DSP problem is implemented on a square lattice, although these differences tend to 
increase as resources for both attacker and defender increase together. We would like to 
use this bound in the solution of DAD. However, the computational times observed for 


ADD" are excessive, some times larger than solving DAD by, say, Algorithm 1. 
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Interestingly, for DSP, ADD” can also be solved as a “Maximizing the Shortest- 
Path” (MXSP) in an expanded network, assuming that the attacker and defender are 
constrained only by the number of arcs that can be attacked or defended respectively. 
MXSP is a bi-level attacker-defender network-interdiction model. The original network is 
expanded in levels according to the number of arcs that can be defended. MXSP can be 
solved directly or by using Benders decomposition. The latter method proves to be faster 


than ADD” itself, but it is still too slow compared to DAD, at least for DSP. 


A practical DSP example is presented to illustrate the effectiveness of the models 
and solution procedures to solve realistic problems. Essentially, a small Spanish infantry 
unit must traverse from the Marine Corp HQ to the Naval Base for immediate 
deployment, using the road network in Cadiz Bay (Spain). A terrorist group is able to 
interdict up to 6 road segments, and the Marine Corp Command has the option to plan 
ahead, protecting 10 segments by means of armed patrols. The network built to represent 
this example contains almost 200 nodes and 630 arcs. The problem is solved by 
Algorithm 1, implemented in GAMS, in a reasonable execution time of two and a half 


hours. 


The fact that the penalty coefficients are much greater that the costs makes the 
problems difficult to solve. Thus, a systematic reduction in all coefficients was made in 
hopes that the solution obtained is still valid. As a precautionary measure, no penalty 
should decreased below the value of the shortest s-t path without attacks. The procedure 


in this case proves to be valuable, cutting down the execution time by half. 


In future research, it may be interesting to explore other instances of the tri-level 
problem, perhaps one in which the theory developed here regarding ADD, applies better 
than the DSP. 
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APPENDIX I. NOTATION 


The following describes the notation and major symbols used in this thesis. 
Particular cases may need additional notation and this is explained when used. Vectors, 
represented by lower-case bold letters, are column vectors. Uppercase letters represent 


matrices, and Greek letters dual variables. 


67 








= [Dalwinarmnesese 
P [Dalai saeiceseane 
O 


Real number 





Real number that usually denotes tolerance 


Dual variables for railroad constraints (practical example) 


Dual variables for capacity constraints 


Dual variables for operating constraints 


Optimal value or solution (e.g., z’ ) 





Table 8. Notation and definition of terms used. 


68 


APPENDIX IL. DETAILED COMPUTATIONAL RESULTS FOR 
PROBLEMS IN CHAPTER V 


A. STANDARD DAD AND NESTED DECOMPOSITION 





































































































Standard decomposition | Nested decomposition | Ratio 
Algorithm 1 Algorithm 1A 
Time A Elap Time B Elap 
Problem | Att. Def. (sec) (sec) Iter (sec) Time Iter A/B 
1 2 Z 2.7 4.2 3 1.2 7.5 3 2.30 
2 2 3 3.4 5.3 4 3.3 13.2 5 1.04 
3 2 4 4.1 6.4 5 3.1 17.6 7 1.32 
4 2 E) 4.3 7.0 6 3.9 21.5 9 1.12 
5 2 6 7D 12.1 10 4.5 23.2 10 1.66 
eens : ee ees aa Nia a ce wee U8 ee ee 
7 3 2 17.4 20.7 5 12.2 38.3 6 1.43 
8 3 3 21.5 24.8 7 10.7 31.0 6 2.01 
9 3 4 32.9 39.2 13 27.5 68.8 11 1.20 
10 3 5 39.9 48.5 17 29.9 74.6 14 1.34 
11 3 6 44.4 55.4 21 15.7 53.0 13 2.82 
pie | 3 | 7 65.6 | aie] 34] 291] to76| 22] 2.25 | 
13 4 2 64.7 68.2 7 38.2 75.9 6 1.69 
14 4 3 93.1 98.3 10 69.8 128.3 10 1.33 
15 4 4 109.6 114.8 10 57.3 124.9 13 1.91 
16 4 E) 183.1 192.9 21 84.9 191.2 17 2.16 
17 4 6 240.5 254.3 30 75.6 177.7 21 3.18 
1s | 4 | 7 287.0 | 303.7 | 37] sig | 342.5] 351.90 | 
19 5 2 150.8 157.6 6 111.0 172.5 8 1.36 
20 5 3 211.0 215.2 8 155.9 235.6 11 1.35 
21 5 4 473.6 480.2 21 238.8 397.3 16 1.98 
22 5 5 396.6 406.4 20 306.0 484.2 27 1.30 
23 5 6 548.2 562.8 30 337.6 554.2 30 1.62 
24 | 5 | 7 | 682.6 | 689.9 | 33.1 362.7 | 579.0] 26 | 1.88 | 
25 6 2 852.8 856.3 7 394.3 467.0 6 2.16 
26 6 3 979.3 983.2 8 691.5 816.7 12 1.42 






























































Standard decomposition | Nested decomposition | Ratio 
Algorithm 1 Algorithm 1A 

27 6 4 1587.0 | 1594.6 16 | 1030.0 | 1227.3 18 1.54 
28 6 2) 2244.0 | 2255.8 26 | 1210.0 | 1451.8 25 1.85 
29 6 6 3047.0 | 3067.6 42 | 1719.0 | 2075.9 31 1.77 
30. | 6 | 7 | 4331.0 | 4362.2] 69 | 1530.0 | 18973 |___ 36 | ___2.83 | 
31 if 2 389.7 393.0 vy) 698.4 737.2 4 (0.56) 
32 7 3 956.8 962.8 13 166.5 175.0 2 5.75 
33 7 4 1633.0 | 1643.4 22 617.2 648.0 2 2.65 
7 5 2212.0 | 2223.7 2302.0 | 2417.1 9 (0.96) 

Ss le Ae 1 sonst sla sal 





















































Table 9. Computational results for Algorithm 1 and Algorithm 1A 
implementing DSP with the standard decomposition and the nested 
decomposition methods, respectively Grid: lattice 10x10. Number 
of decision variables: 383. Costs range: Uniform [0,1]. Penalties 
range: Uniform [1,2]. Model implementation: GAMS. Solver: 
XPRESS. Other parameters: optcr=0.01, allowable decomposition 
gap=0.01. The “ratio” column corresponds to the improvement 
(decline) of Algorithm 1A with respect to Algorithm 1. 

B. IMPROVED STANDARD DAD DECOMPOSITION 
Standard decomp. Algorithm 1B Ratio 
Algorithm 1 

Prob. | Att. | Def. Zz time A (sec) | Iter. | time C (sec) | Iter. A/C 
1 2 2 4.58 27 4 1.0 1 2.63 
2 2 3 4.58 3.4 5 1.0 1 3.37 
3 2 4 4.58 4.1 6 1.0 1 4.02 
4 2 5 4.58 4.3 7 1.0 1 4.21 
5 2 6 4.55 7.5 11 11 1 6.86 

Sine Ss ees ee Oe 22 ee ON A eR ae 

7 3 2 4.78 17.4 6 17.4 5 1.00 
8 3 3 4.75 21.5 8 21.5 7 1.00 
9 3 4 4.75 32.9 14 33.0 13 1.00 






































































































































Prob. | Att. | Def. | z time A (sec) | Iter. | time C (sec) | Iter. | A/C 
10 3 5 4.75 39.9 18 41.4 17 0.96 
11 3 6 4.58 44.4 22 40.7 18 1.09 
2 | 3 | 7 | ase] 6 | 35) a6 | 2) ss | 
13 4 2 4.96 64.7 8 64.1 il 1.01 
14 4 3 4.93 93.1 11 94.4 10 0.99 
15 4 4 4.81 109.6 11 109.9 10 1.00 
16 4 5 4.79 183.1 22 184.0 21 1.00 
17 4 6 4.79 240.5 31 241.0 30 1.00 
Lis | 4 [7 | 47] e709 | 3g] 242 | 3a | ose | 
19 5 2 5.20 150.8 7 150.8 6 1.00 
20 5 3 5.07 211.0 9 208.7 8 1.01 
21 5 4 5.07 473.6 22 480.1 21 0.99 
22 5 5 5.07 396.6 21 399.3 20 0.99 
23 5 6 5.02 548.2 31 557.1 30 0.98 
24 | s | i7 | so2] 6.6 | 34] 392 | 3307] 
25 6 2 5.35 852.8 8 836.0 7 1.02 
26 6 3 5.28 979.3 9 963.0 8 1.02 
27 6 4 5.25 1587.0 17 1591.2 16 1.00 
28 6 e) 5:25 2244.0 27 2493.0 24 0.90 
29 6 6 5.18 3047.0 43 3251.0 40 0.94 
30) 6 | o7 | sz] 4330 | 70] goat | so 107] 
31 7 2 5.68 389.7 8 381.7 7 1.02 
32 7 3 5.64 956.8 14 953.0 13 1.00 
33 7 4 5.59 1633.0 23 1554.0 20 1.05 
34 7 5 5.53 2212.0 26 2473.0 25 0.89 
35 7 6 5.35 2942.0 40 3670.0 39 0.80 
AVG: 1.64 
Table 10. | Computational results for modified Algorithm 1B implementing 


DSP. (See Table 9 for problem and implementation parameters). 
The “ratio” column corresponds to the improvement (decline) of 
Algorithm 1B with respect to Algorithm 1. 
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C. 


CAPACITY-INTERDICTION DAD 




















































































































Capacity-interdiction (M=2) | Capacity-interdiction (M=1) 
Algorithm 2 Algorithm 2 
time E Elap time F | Elap 

Prob | Att. | Def. | (sec) time | Iter. | A/E | (sec) | time | Iter. | A/F 

1 2 2 6.7 8.3 4 | (0.39) 6.0 8.3 5 | (0.44) 

2 2 3 5.8 7.5 4 | (0.58) 3.4 4.5 3 | (0.99) 

3 2 4 8.6 11.0 5 | (0.48) 4.4 6.2 5 | (0.95) 

4 2 5 11.0 13.7 7 | (0.40) 8.5 11.8 9 | (0.51) 

5 2 6 10.2 12.9 7 | (0.73) 6.2 9.1 8 1.20 
Jo | 2) 7 | 107] 143] 8} @73)| 75] 121] 10] 1.04 

7 3 2 37.0 38.9 5 | (0.47) 15.5 17.4 1.12 

8 3 3 31.8 35.0 5 | (0.68) 19.2 21.4 5 1.12 

9 3 4 27.1 28.9 4 1.21 16.8 20.0 5 1.96 

10 3 5 47.0 51.0 9 | (0.85) 29.5 34.1 10 1.35 

11 3 6 59.4 65.1 13 | (0.75) 30.8 36.3 12 1.44 
Jz | 3 [7 | 62s} 687] 15} 105/260] 31.2] 12) 252. 

13 4 2 142.6 145.0 6 | (0.45) 36.1 38.4 5 1.79 

14 4 3 204.1 206.7 7 | (0.46) 94.6 98.1 8 | (0.98) 

15 4 4 387.0 394.1 13 | (0.28) 74.1 TS 9 1.48 

16 4 2) 272.6 278.3 11 | (0.67) | 128.8 | 136.0 15 1.42 

17 4 6 288.0 295.6 16 | (0.84) | 125.4 | 134.5 17 1.92 
[1s [4 [7 | 315s | 3239] 21] @91) | 1033 | 113] 1s | 2.78. 

19 5 2 809.4 811.8 6 | (0.19) | 133.3 | 137.5 7 1.13 

20 5 3 1059.0 | 1062.8 10 | (0.20) | 184.7 | 189.2 10 1.14 

21 5 4 1211.0 | 1215.9 11 | (0.39) | 225.8 | 231.3 13 2.10 

22 5 5 1363.0 | 1369.6 17 | (0.29) | 296.1 | 303.9 16 1.34 

23 5 6 1184.0 | 1192.0 20 | (0.46) | 568.7 | 580.7 25 | (0.96) 
124 | 5 | 7 | 1962.0 | 1976.9 | 37 | (0.35) | 588.5 | 602.71 36] 116, 

25 6 2 4237.0 | 4239.4 5 | (0.20) | 424.8 | 426.9 5 2.01 

26 6 3 6988.0 | 6992.6 10 | (0.14) | 776.3 | 780.1 10 1.26 

27 6 4 7320.0 | 7325.3 12 | (0.22) | 1114.0 | 1121.3 18 1.42 

28 6 5 | 12440.0 | 12455.6 24 | (0.18) | 1157.0 | 1165.7 21 1.94 

29 6 6 | 12620.0 | 12635.9 34 | (0.24) | 1799.0 | 1815.7 38 1.69 

































































| Prob | Att. | Def. | timeE | Flap | Iter. | A/E | timeF | Flap | Hter. | A/F _ 
|_30 | 6 | 7 | 14620.0 | 14sg8.9 | _40 | (0.30) | 1565.0 | 1ssi.1 | __38 | 2.77, 

31 7 2, 3430.0 | 3431.9 5 | (0.11) | 371.2 | 3744 7 1.05 

32 7 3 5180.0 | 5197.4 7 | (0.18) | 1570.0 | 1573.7 10 | (0.61) 

33 7 4 11950.0 | 11959.8 17 | (0.14) | 2985.0 | 2991.9 17 | (0.55) 

34 7 5 13830.0 | 13839.7 20 | (0.16) | 2477.0 | 2436.2 21 | (0.89) 

35 | 7 | 6 | 14440.0 | 14447.5| 24] (0.20) | 5180.0 | 5194.4| 34] (0.57) 

36 7 7 24210.0 | 24226.5 38 | (0.26) | 4717.0 | 4732.9 36 1.33 

Avg: | (0.45) Avg: 1.36 

Table 11. Computational results for Algorithm 2 [DAD“-CN2], 


implementing DSP for different defensive and _ interdiction 
resources. The improvement in solution times with respect to the 


standard decomposition [DAD“’] is given by the ratio column 


(See Table 9 for problem and implementation parameters). 


D. MXSP PROBLEM IN AN EXPANDED NETWORK MODEL 


This section of the appendix illustrates the results obtained for the specialized 


ADD model developed in the body of the thesis, in Section D.IV. 


Table 12 shows execution times, in seconds, when [MXSP“’]and [MXSP*” -D] 
are tested against a set of networks of different topology and increasing size. The long 
topology networks are rectangular grids with 3 nodes in the vertical axis and m > 3 nodes 
in the horizontal axis. Similarly, square-topology networks are based on an nxn grid 


nodes. They are generated using Java code that randomly assigns costs to the arcs within 


the range [0, 1] and interdiction penalties in the range [1, 2]. 


The number of defense and attack resources are kept fixed throughout the runs to 
two and four, respectively. The XPRESS solver is used within GAMS (XPRESS Solver 


Manual, GAMS 2007), with zero absolute termination criterion and a value for the 


allowable decomposition gap of ¢ =0.1 for the decomposition algorithm. 
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interdictable | decision 
Problem | topology | nodes arcs vars G+ | [MXSP*"*] | [MXSP"*-D] | iterations 
1 3x3 11 24 168 0.08 0.17 3 
2 3x5 17 44 308 0.25 1.76 10 
3 3x7 23 64 448 0.44 1.97 18 
4 3x10 32 94 658 1.61 28.60 90 
5 3x13 41 124 868 2.53 15.30 47 
6 3x15 47 144 1008 9.69 59.03 94 
7 3x20 62 194 1358 5.31 29.16 53 
8 2x25 77 244 1708 44.70 219.43 167 
9 3x30 92 294 2058 13.94 61.87 74 
Lo eZee! Le ene 2a oe 2408) 1982.00 | ase re 162 | 
11 4x4 18 48 336 0.16 0.77 10 
12 5x5 27 80 560 0.63 1.10 10 
13 6x6 38 120 840 2.50 3.77 26 
14 7x7 51 168 1176 1.92 4.38 30 
15 8x8 66 224 1568 45.33 13.20 55 
16 10x10 102 360 2520 36.22 11.90 43 
17 12x12 146 528 3696 47.91 52.50 120 
18 15x15 227 840 5880 268.77 53.65 61 
19 20x20 402 1520 10640 10130.00 300.25 131 
Table 12. Computational results for MXSP showing execution times when 


DSP is solved directly as a MIP [MXSP‘’] or by decomposition 
[MxSP*” -D], (See Algorithm 4 in Section IV.D). 


Figure 9 and Figure 10 show that there is a small difference in computational 


times for different network topologies. Square grids tend to solve faster than long 


networks, when comparing grids with roughly the same number of nodes. 


With respect to solution methods, the number of decision variables in the problem 


is the most significant factor. For grids with few nodes, [MXSP”’-D] solves faster, but 


beyond 100 nodes, decomposition methods do much better. There are orders of 


magnitude in the differences between solution times when the number of nodes increases. 
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Figure 9. | Computational results for long topology grids. Differences in 


performance between [MXSP’”] and [MXSP”’ -D] become 
noticeable beyond 100 nodes (1010 lattice). 
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Figure 10. Computational results for square-topology grids. Beyond 200 
nodes (15x15 lattice), solving [MXSP“’ | directly as a MIP is very 


computational expensive. 
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APPENDIX II. PRACTICAL EXAMPLE IN CHAPTER VI: 
FIGURES AND TABLES 





Figure 11. Cadiz Bay road map showing the network nodes. (Map from 
Michelin 2007). 


vi 











PLANS FROM OPTIMAL SOLUTION 







































































Defensive plan Attack plan Shortest path 

tail head tail head tail head ; tail head 
1 2 50 51 1 8) 122 140 
36 50 50 52 8 4) (123 125 
55 57 107 106 14 16: 125 122 
57 70 108 105 16 7: «126 123 
70 72 158 171 27 110; 140 141 
97 120 169 170 90 92: 141 145 
98 97 92 93: 145 146 
105 184 93 21} 146 149 
120 127 94 95. ‘149 203 
121 126 95 7: «ITB 174 
97 90: 174 176 
100 94: «175 173 
102 100: 176 | 202 
105 184: (177 300 
108 105: 184 102 
109 108; 202 177 
110 109; 203 175 

121 126 | 














Table 13. Optimal defensive, attack and traversing plan for the esto] DSP 
problem. 
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Figure 12. Area map showing the optimal solution to the tri-level problem 
given by DAD (Map from Michelin 2007). 
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